Buffer overflows are one of the oldest and most dangerous vulnerabilities in software security. A heap buffer overflow was the second most exploited vulnerability in 2023. Over the years, it has enabled countless attacks, often with severe consequences, such as Cloudbleed in 2017. Despite advances in security practices, buffer overflows continue to pose significant risks, especially in software written in low-level languages like C and C++.

I've spent over 35 years as a trainer in various capacities, so it might surprise you to hear me say that training alone isn't enough to change behaviours—particularly when it comes to security. This isn't just my opinion; it's a conclusion from our State of Human Risk Management in 2024 Report. To understand why training isn't the full solution, we need to delve into the field of human error. Mistakes—errors caused by wrongly applied knowledge—can often be corrected with training.

When we first announced our plans to build Fireblocks Automation in April 2024, we set out to tackle a seemingly mundane yet crucial challenge for our customers. Our goal was to mitigate the manual, repetitive, time-consuming, and error-prone blockchain payment and crypto trading operations that were hindering businesses from easily scaling their operations as they expanded across geographies and add new product offerings.

The typical workplace of the information age is no longer an office cubicle with a desktop PC. It’s an airplane seat, a comfy cafe chair, and a kitchen table — and it may not even have a company-issued device at its center. Research shows the productivity gains made possible by the growth of bring-your-own-device (BYOD) policies. Yet empowering employees to do their best work wherever they are and with whatever devices they have at their disposal also comes with risks.

Keeper Security is pleased to announce significant improvements to the Security Audit tab of the Admin Console for business users, as well as the Browser Extension for organizations and individuals alike. The updates include a refreshed User Interface (UI) for both, new functionality to refresh and reset Security Audit scores, the ability to generate a passphrase via the Browser Extension and more.

Human risk management (HRM) has become a more established category in recent years. This development signals a crucial shift towards enabling security teams to accurately quantify and manage workplace risks. With the rise of HRM, a variety of new technologies have also emerged on the market. However, how do you navigate the sea of buzzwords and shiny promises to pick the solution that's right for you?

At 1Password, our mission has always been clear: to provide robust, human-centric security solutions that meet the needs of today’s businesses. Cybersecurity threats are evolving daily so it’s never been more important for businesses to have reliable, user-friendly solutions.

Not all security operation centers (SOCs) are equal. They have teams of different sizes, with varying skill levels, protecting a wide range of industries around the world. However, they have a few things in common — for one, they face many of the same threats, and many SOC teams struggle with the complexity of managing several disparate tools to detect and disrupt them. As the cybersecurity industry matures, SOC teams have more options to consolidate the security tools they use.

Action Fraud, the UK’s national fraud and cyber crime reporting service, warns that more than 33,000 people have reported that their online accounts have been hacked over the past year. Most of these hacks were the result of phishing and other social engineering tactics. Action Fraud describes one technique that involves using a compromised account to target the victim’s friends.

The Network and Information Security (NIS2) Directive’s deadline of October 17th has officially passed. Yet despite this deadline – and the strict penalties in place for non-compliance – nearly 66% of businesses operating in Europe have likely not implemented the necessary compliance controls (Veeam Software). Additionally, the majority of EU member states have yet to officially codify NIS2 standards into their national laws.