You need to protect your Social Security number to prevent identity theft. Threat actors can use your Social Security number to commit fraud and leave you with lasting effects such as debt, damaged credit and financial loss. It can be difficult to tell if someone uses your Social Security number without your permission.

Bumblebee returns from hiatus, PikaBot reappears with optimized code, and threat actors distribute spam via AWS SNS.

Open source security is a term used to describe the process of protecting your organization’s data and network from attack by using open-source software. It refers to the use of open-source software (OSS) for data protection. Open source software is free to use, meaning that anyone can access it without paying fees. This allows organizations to take advantage of the collective knowledge and experience of thousands of people who have contributed code or worked on projects together.

Researchers at VIPRE Security observed a 276% increase in malware delivered by phishing between Q1 and Q4 of 2023. “Last year, our YARA rules caught between one and two million generic malware instances each quarter, with a nearly 20% jump in Q4,” VIPRE’s report says.

I recently read an article about a bright, sophisticated woman who fell victim to an unbelievable scam. By unbelievable, I mean most people reading or hearing about it could not believe it was successful. A group posing as an Amazon employee and various U.S. law enforcement agencies were able to convince a woman to take $50,000 out of her bank account in cash and hand it off to a complete stranger in the streets. It is a wild story and most of us would not be tricked into doing what happened to her.

Microsoft's Patch Tuesday updates in February 2024 include critical fixes for two zero-day vulnerabilities: CVE-2024-21413 impacting Microsoft Outlook (called MonikerLink) and CVE-2024-21410 impacting Microsoft Exchange Server. The former allows remote code execution to access and leak privileged information, while the latter permits privilege escalation (potentially using credentials leaked by the former). These security risks expose a victim's machine to potentially malicious arbitrary code execution.

The CrowdStrike Global Threat Report, now in its tenth iteration, examines how adversaries’ behavior poses an ever-expanding risk to the security of organizations’ data and infrastructure. Armed with this critical information, organizations are better equipped to face evolving threats. Stealth was the pervading theme of the 2023 threat landscape.

In today's interconnected digital ecosystem, businesses are constantly seeking efficient and secure solutions to manage user authentication across multiple applications and domains. Identity Federation and Single Sign-On (SSO) stand out as two prominent approaches, each offering distinct advantages and use cases. Let's explore the differences between Identity Federation and SSO, their benefits, and how they address the evolving needs of enterprises.

Containers have revolutionized development in the cloud, allowing dev teams to work with unprecedented speed, efficiency, and scale. But securing containers at that speed and scale can be a thorny problem. The infrastructure of containers is complex and contains multiple attack vectors, and most enterprises don’t have the time or resources to secure all attack vectors for all containers.