Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Researchers at Malwarebytes spotted a malvertising campaign that abused Google Ads to target people searching for Google Authenticator. If someone typed “Google Authenticator” into Google, the malicious ad would be at the top of the search results. The ad copied the website description from the real Google Authenticator, but would redirect users to a phishing site. “We can follow what happens when you click on the ad by monitoring web traffic,” the researchers explain.

This week, I’m excited to announce Cloud Enrichment for AWS, GCP, and Azure. These enhancements are designed to accelerate incident response and unlock threat hunting capabilities by automatically combining the insights of your cloud network with the native control plane data from your cloud service provider.

Identity theft is a concern for everyone living in the digital age. By stealing someone’s identity, a criminal can gain access to their credit cards and financial accounts or apply for credit using the victim’s identity. The compromise of your identity can lead to numerous troubling circumstances. Cybercriminals have learned to leverage identity theft to access vast amounts of personal and sensitive information within digital enterprises.

Cybercriminals are notorious for their opportunism. No situation is off limits: whether they exploit conflict and human suffering, blackmail vulnerable individuals by threatening to leak therapy notes, or even bring healthcare organizations to their knees, cybercriminals will stop at nothing to make a quick buck. Hurricane season is a particularly lucrative time of year for cybercriminals.

Cloud storage is a versatile and competitive market, so making a decision about choosing the best cloud storage services can seem intimidating. Fortunately, best cloud storage for personal use offers many features and services to securely store personal files, backups, sync, and protect your privacy online.

Understanding vulnerability management is crucial for maintaining the security of your systems. It involves identifying, assessing, and mitigating vulnerabilities that exist within your network, applications, and infrastructure. By gaining a deep understanding of vulnerability management, you can effectively prioritize and address security risks. One key aspect of vulnerability management is conducting regular vulnerability assessments.

The thing about nostalgia is that it conveniently omits all the past’s imperfections.

When you tell people you’re writing a piece on cybersecurity insurance, they tend to make the cock-headed, scrunched-eyebrow expression of a confused puppy.

The explosion of AI has ignited both excitement and apprehension across various industries. While AI is undeniably having a positive impact on engineering and customer service teams, cybersecurity and IT practitioners remain cautious. Concerns about data privacy, the inflexibility of disparate tools, and the sensitive nature of many mission-critical workflows—which, more often than not, require some level of human oversight—fuel a deep mistrust of LLMs by these teams.

As noted in the 2024 Gartner Market Guide for API Protection“API security governance is an emerging capability. It allows the administrator of the tool to define and enforce security policies. Unlike posture management, this is a top-down enforcement. It also allows for compliance reports for specific regulations to be generated automatically.” This capability is becoming increasingly important as organizations face a constantly evolving threat landscape.