Top tips is a weekly column where we highlight what’s trending in the tech world today and list out ways to explore these trends. This week, we’re showing you how to spot a fraud call and avoid getting scammed. Microsoft, AT&T, the FBI, and the IRS—what do these four entities have in common? Most likely, you or someone you know has received a call from somebody impersonating these entities.

Business leaders often see security as an insurance policy – a box that CISOs need to tick just in case the organization comes under attack. This make it difficult for InfoSec decision makers to justify the cost of upgrading defenses. After all, we already ticked that box – right? But when it comes to automated attacks, it’s not a matter of “if” bots will target your business. It’s not even a question of “when”.

This is a Bulletproof Tech Talk article: original research from our red team covering issues, news, and tech that interests them. It’s more technical and in-depth that our usual blog content, but no less interesting. This blog looks at obfuscating Linux Symbols using dl_iterate_phdr with callbacks. It represents original security research from the Bulletproof Red Team.

Over the last twelve months, the Internet security landscape has changed dramatically. Geopolitical uncertainty, coupled with an active 2024 voting season in many countries across the world, has led to a substantial increase in malicious traffic activity across the Internet. In this report, we take a look at Cloudflare’s perspective on Internet application security. This report is the fourth edition of our Application Security Report and is an official update to our Q2 2023 report.

Mobile devices have become so integral to both business and personal lives that it is difficult to imagine a life without them. There’s more attack surface area as a result, and it’s IT’s job to mitigate the risk of cyberattacks. Insider threats are often involved, because employees and their devices can be one of the weakest links in the security chain.

In today's increasingly digital world, where businesses rely heavily on technology for core operations, the European Union's Digital Operational Resilience Act (DORA) establishes a comprehensive framework to manage Information and Communication Technology (ICT) related risks and ensure business continuity for financial institutions and critical service providers.

Pretexting is a type of social engineering attack in which the scammer manipulates their target into sharing private information or sending money by making up a story. Pretexting can occur on the phone, via text message, through email or in person. The goal of pretexting scams is typically to infect your device with malware, steal your money, breach private data and more.

A password manager is a solution that helps users securely store, manage and share their login credentials. Some password managers also aid in securely storing additional data such as passkeys, documents, files and images. You may be familiar with browser-based password managers, which are the ones built into your browser. Or if you’re an iPhone user, you may be more familiar with the password manager built into your phone called iCloud Keychain.