Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

AI-Powered Investment Scams Surge: How 'Nomani' Steals Money and Data

Cybersecurity researchers are warning about a new breed of investment scam that combines AI-powered video testimonials, social media malvertising, and phishing tactics to steal money and personal data. Known as Nomani — a play on "no money" — this scam grew by over 335% in H2 2024, with more than 100 new URLs detected daily between May and November, according to ESET's H2 2024 Threat Report.

Phishing Campaign Targets YouTube Creators

An email phishing campaign is targeting popular YouTube creators with phony collaboration offers, according to researchers at CloudSEK. The emails contain OneDrive links designed to trick users into installing malware. “The malware is hidden within attachments such as Word documents, PDFs, or Excel files, often masquerading as promotional materials, contracts, or business proposals,” the researchers explain.

CrowdStrike Named a Leader in 2024 GigaOm Radar for Container Security

CrowdStrike has been recognized as a Leader and Fast Mover in the 2024 GigaOm Radar for Container Security, marking another milestone in our mission to secure the cloud with the industry's most unified and comprehensive cloud security solution. Kubernetes has become the fastest-growing project in the history of open-source software — more than 60% of enterprises have adopted it.

CrowdStrike Earns AAA Award, 100% Total Accuracy Score in SE Labs Q3 Enterprise Advanced Security Test

The CrowdStrike Falcon platform started 2024 being recognized as SE Labs’ Best Endpoint Detection and Response 2024 award for the third consecutive year. Adversaries never stop and neither do we — CrowdStrike Falcon is the only platform that provides a unified view of stealthy threats across multiple domains exploited in attack paths.

LLMs - The what, why and how

LLMs are based on neural network architectures, with transformers being the dominant framework. Introduced in 2017, transformers use mechanisms called attention mechanisms to understand the relationships between words or tokens in text, making them highly effective at understanding and generating coherent language. Practical Example: GPT (Generative Pre-trained Transformer) models like GPT-4 are structured with billions of parameters that determine how the model processes and generates language.

Cybersecurity Consultants: How They Safeguard Your Business Operations

In the digital world of today, there are more and more cyber risks that can hurt their operations, customers' trust, and bottom line. Cyberattacks are changing quickly. Ransomware, hacking, and data breaches are just a few examples of how they hurt businesses financially and publicly. Recent studies show that hacking will cost the world an estimated $10.5 trillion every year by 2025. This shows how important it is to have strong security measures right away.

10 Best API Security Testing Companies To Consider in 2025

Every single day, billions of API calls happen across the internet. Behind your favorite applications, APIs work quietly to move data and connect systems. But with the growing use of APIs, API attacks didn’t just increase – they exploded. Take the Optus breach in September 2022, in which attackers exploited an unprotected API endpoint and accessed the personal data of up to 9.8 million customers, leading to a $10 million fine.

API Security: A Technical Guide

In the rapidly changing field of software development, application programming interfaces (APIs) are very powerful tools. They allow different applications to communicate, share data, and collaborate seamlessly, constituting approximately 71% of all web traffic. However, as APIs become more essential to our applications, they also attract cyber threats. In fact, 57% of organizations reported experiencing at least one API-related data breach in the past two years.

Enhancing Corporate Governance in the Digital Age: Integrating Cybersecurity into ESG Stewardship

In an era where digital resilience is vital to corporate health, cybersecurity is a critical governance issue. The partnership between Bitsight and Glass Lewis underscores this reality by providing companies with a forward-thinking approach to assessing cybersecurity as part of Environmental, Social, and Governance (ESG) considerations.

The Aftermath of the Kaspersky Ban

In the spring of 2024, amid growing international concern about supply chain risk and the trust and reliability of technology suppliers, the United States banned Kaspersky Lab, Inc., the Russia-based antivirus company from providing its products to the US market. The ban went into effect on September 30, 2024. What impact has the ban had on US and global usage of Kaspersky? Has it been effective? A new analysis from Bitsight contains some surprising results.