Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Payment Card Industry Data Security Standard, or PCI DSS, is a set of globally recognised requirements designed to ensure that all companies that process, store, and transmit credit card data continually maintain a secure environment. It doesn’t matter whether you’re a small independent store or a large e-com brand, if your business handles payment data directly or through a payment gateway, PCI DSS applies to you.

When I was a young boy besides wanting to be a pro football player and an astronaut, I also wanted to be a firefighter. There was something about trucks, sirens, and danger that made firefighters heroes.

Email remains the primary communication tool for businesses of all sizes. Unfortunately, threat actors are experts at evading secure email gateways, making email the most exploited entry point for cybercriminals. Recent history is littered with examples of devastating attacks that started with a seemingly innocuous email.

Operational Technology (OT) environments are increasingly under pressure from evolving cyber threats. With digital transformation accelerating across industries, the need for comprehensive visibility into all connected assets is more important than ever. According to the 2022 OT/ICS Cybersecurity Survey by SANS Institute, nearly 40% of industrial organizations reported lacking a complete inventory of OT assets—highlighting the urgent need for comprehensive cyber asset visibility.

Phishing remains one of the biggest cyber threats in circulation today. Billions of emails are sent every single day and together they claim thousands of victims, whether businesses or private individuals. Yet if the phishing attack is so well known, why do most people still fall for the trick? CSO Online reports that 80% of all security incidents are attributed to phishing.

ClickFix has quickly become a rampant social-engineering tactic. First observed back in October 2023, it aims to trick users into pasting commands into the run dialog box under the guise of verifying the user’s connection and authenticity to the domain. Given its ease of use and ability to bypass technical security measures, adoption of ClickFix has been growing at an alarming rate.

I hear a lot these days about SBOMs and how they are going to be the key to supply chain security accountability, to even include a Presidential Executive Order mandating SBOMs in the procurement process for federal agencies. There are multiple areas of research going on in this area, such as this Academic SBOM Repository. But before we get too far down the road, let’s get one thing straight: SBOM isn’t going to save us. It’s a transparency tool, not a solution.

When it comes to data security, you want it to be accurate, reliable, thorough, and fast. Ideally, faster today than it was yesterday, and faster tomorrow than it was today, to address increasing data security needs in the same amount of time or less. We’re seeing a growing prevalence of employees using unmanaged devices, handling sensitive organizational structured and unstructured data, and accessing managed and unmanaged apps with those devices and that data.

With Keeper’s One-Time Share feature, sharing confidential information with someone who doesn’t have a Keeper account doesn’t have to be complicated. One-Time Share provides time-limited, “read only” access to a Keeper record with anyone, without exposing information over email, text message or messaging.