A password policy is a set of rules that are usually a part of an organizations security regulations to improve computer security. These policies can be formal regulations or part of security awareness training programs that outline requirements such as minimum length, complexity and unique characters. A password must comply with these password strength rules to be set for an account.

If you click on a malicious link, also known as a phishing link, there is a possibility that you’ll get hacked. This is because clicking on a phishing link could immediately cause malware to download on your device. Alternatively, clicking on a link can direct you to a dangerous phishing website where you’re prompted to enter your personal information. Continue reading to learn more about how clicking a link can lead to getting hacked and how to avoid clicking on these malicious links.

A new phishing campaign tries to trick email recipients into pasting and executing malicious commands on their system that installs DarkGate malware. Security researchers at Ahnlab have discovered a new phishing campaign that leverages a unique user interaction. Normally, phishing campaigns simply need users to open an HTML attachment.

Cybersecurity is the most crucial curve in today’s rapidly evolving digital landscape, and all organizations of any size need to be at the forefront of it. With AI becoming mainstream, new emerging trends shape the cybersecurity industry daily.

Researchers at Menlo Security discovered three state-sponsored phishing campaigns that have targeted 40,000 important individuals over the past three months.

Passkeys are a type of passwordless authentication method that enables you to log in to your accounts without having to enter a password. Instead, you authenticate the same way you sign in to your device such as using a passcode, your biometrics or a swipe pattern. Many websites and apps have started to support the use of passkeys including Amazon. Here’s how you can set up a passkey to seamlessly sign in to your Amazon account.

Recent high-profile breaches at Ticketmaster and Santander, attributed to the ShinyHunters group, have brought the critical need for robust data protection measures to the forefront. ShinyHunters, a notorious cybercriminal group known for stealing data from various organizations for financial gain, has demonstrated how vulnerabilities in third-party platforms can lead to significant data breaches.

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers alleged access to high-revenue organisations advertised by IntelBroker, TransparentTribe targeting the gaming industry with spyware, and an analysis of the FakeBat loader.

If you were one of the 70+ million people affected by the 2024 AT&T data breach, you are likely concerned about the safety of your accounts and the risk of your identity being stolen. Although some of the data is from 2019 or earlier, according to AT&T, the 2024 data breach occurred this past March when stolen customer data was found on the dark web. If you were part of this data breach, your identity could be at risk of being stolen because customers’ Social Security numbers were exposed.

In today's world, where cyber threats are increasingly sophisticated, organizations must take strong security measures to protect sensitive data and maintain operational integrity. One effective way to show your dedication to cybersecurity is by obtaining Cyber Essentials certification. This government-backed scheme in the UK helps organizations implement essential security controls to defend against common online threats.