Welcome to the 17th edition of Cloudflare’s DDoS threat report. This edition covers the DDoS threat landscape along with key findings as observed from the Cloudflare network during the first quarter of 2024.

In this week’s episode of The Future of Security Operations podcast, I'm joined by George Griesler. George has been working in cybersecurity since 1997, when he assumed the role of Senior Network administrator at the United States Golf Association (USGA), eventually advancing to Director of Information Security.

Brute force attacks are one of the most common methods used by cybercriminals to steal credentials from organizations. To prevent brute force attacks, organizations need to enforce the use of strong and unique passwords, invest in a business password manager, require employees to enable MFA, monitor and limit login attempts, implement passwordless authentication and delete inactive accounts.

In a digital era marked by rapidly evolving threats, the complexity of cybersecurity challenges has surged, pressing organizations to evolve beyond traditional, tech-only defense strategies. As the cyber landscape grows more intricate, there's a pivotal shift towards embracing methods that are not just robust from a technical standpoint but are also deeply human-centric.

Telehealth or telemedicine is one of the most common ways of providing healthcare services in the EU, with nearly 77% of countries adopting some type of telehealth service. Countries like Norway, Sweden, Denmark, and Italy are considered some of the world’s leaders in providing telehealth services. Following the COVID-19 pandemic, telehealth became widely adopted across Europe, with many countries participating in cross-border collaboration.

Achieving an effective bring-your-own-device (BYOD) program has been aspirational for many IT organizations. There are explicit security and privacy concerns, which have led many admins to sour on the concept, despite its benefits. Admins have even reluctantly accepted the risk of personal PCs being left unmanaged, which leaves gaps in management and visibility.

Keeper Security is pleased to announce that passphrases are now supported in the Keeper Vault. Passphrases provide a highly secure yet easy-to-remember approach to logins for all users, and can be both generated and stored with Keeper. Keeper’s passphrase generator is a new option within its existing password generator. Users and admins will have the choice of which generator they would like to use or enforce for their organization.

To help secure sensitive data, emails that include health and care information sent to and from health and social care organisations are required to meet the Secure Email Standard (DCB1596). In this article, we discuss the standard, what it covers, and how to ensure your organisation fully meets its requirements.

With the growing dependence of businesses on digital platforms for storing and processing sensitive information, the threat of data exfiltration has become a pressing issue. The evolution of exfiltration techniques has given rise to threat actors who exploit insecure devices and engage in suspicious activities to steal valuable data. These activities often involve unauthorized physical access or social engineering attacks to obtain login credentials with malicious intent.

Generative AI is an exciting technology that is now easily available through cloud APIs provided by companies such as Google and OpenAI. While it’s a powerful tool, the use of generative AI within code opens up additional security considerations that developers must take into account to ensure that their applications remain secure. In this article, we look at the potential security implications of large language models (LLMs), a text-producing form of generative AI.