File-sharing phishing attacks have skyrocketed over the past year, according to a new report from Abnormal Security. “In file-sharing phishing attacks, threat actors exploit popular platforms and plausible pretexts to impersonate trusted contacts and trick employees into disclosing private information or installing malware,” the report says.

Dependency confusion attacks exploit gaps in your software supply chain. Dive into modern dependency management and learn how to defend your systems with best practices.

Hospitals face a challenging dilemma: delivering the highest quality of medical care while shielding patient and family data from ever-evolving cyber threats, all while ensuring that critical operations continue uninterrupted. At Trustwave, we understand the immense pressure hospitals are under and are dedicated to creating a safer digital environment where healthcare providers can thrive, and patients receive the uncompromised care they deserve.

The latest data from Coveware shows a slowing of attack efficacy, a decrease in ransom payments being made, and a shift in initial access tactics. According to Coveware’s Q2 2024 Ransomware Quarterly Report, we see a few interesting trends: A new data point brought to light this quarter is the data exfiltration only (DXF) payment trend, which is relatively flat despite fluctuating between 53% in Q1 of 2022 when tracking began, down to a low of 23% in Q1 of this year.

Remember asking your teachers when you would need to know history facts outside of school? They probably said that learning history is important in understanding our past and how society has changed and progressed over time, and that we can learn from past experiences and mistakes. They were right, of course (even if it might not have felt like it then). And that’s all equally true when it comes to the history of security.

In today's rapidly advancing technology landscape, the role of people in workflow automation and orchestration is more critical than ever. At Tines, we firmly believe that human oversight should be an integral part of important workflows, ensuring that all decisions are grounded in context and experience. AI in Tines is secure and private by design. This means the platform doesn’t train, log, inspect, or store any data that goes into or comes out of language models.

Black Hat 2024 has come and gone. The Nucleus team attending the show has (mostly) caught up on their sleep, which can mean one thing – a look back at the conference and our impressions of the event.

The article released on August 13, 2024 regarding the security update for Windows 11 for hot fix KB5041571 discusses the new features and improvements to the operating system. The security update includes changes to the lock screen, NetJoinLegacyAccountReuse, Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI), and Domain Name System (DNS). The article also includes a servicing stack update to improve the reliability of the Windows update process.

The OWASP Mobile Top 10 lists the foremost crucial security risks in mobile applications. This list is essential for developers, security professionals, and organizations to prioritize their resources while addressing mobile app development vulnerabilities in order of severity.

E-gift cards can be safe to buy; however, there are some risks you should consider before purchasing them. Some cybercriminals will buy e-gift cards with stolen payment information and then resell them to others for a profit. Because e-gift cards require little to no personal information, cybercriminals can get away with scamming people with e-gift cards. Continue reading to learn more about the risks of using e-gift cards and how you can avoid being scammed.