Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Keeper Security has once again clinched the prestigious title of “Test Winner” in a group test of leading password managers conducted by CHIP Magazine, a renowned consumer technology publication in Germany. This marks the second consecutive year Keeper has secured this esteemed recognition, following its victory in the 2023 review.

For hackers in 2024, digital assets likely look like a gold mine. Looking back at 2023, many people in the industry celebrated that there were only $1.5 billion of funds stolen due to hacks and security breaches over the course of the year (a smaller number when contrasted with 2022’s jaw-dropping $3.8 billion).

The US National Institute of Standards and Technology (NIST) has long served as the US federal government’s officially designated creator and publisher of controls frameworks for cybersecurity. The organization developed the first NIST Cybersecurity Framework (NIST CSF) in 2014.

In the rapidly changing cybersecurity landscape, Identity and Access Management (IAM) is a critical pillar, safeguarding organizational data and access across different enterprise systems and platforms. As the head of CyberArk’s Artificial Intelligence Center of Excellence (AI CoE), I’m witnessing firsthand the transformative impact of artificial intelligence (AI) in this domain.

Microsoft has recently highlighted the abuse of the remote support tool Quick Assist in sophisticated social engineering attacks leading to ransomware infections. This blog post summarizes the threat and recommends a mitigation strategy for Netskope customers.

Flask is a powerful, lightweight, and versatile web framework for Python, that's designed to make it easy for developers to develop web applications quickly with minimal boilerplate code. It's a stand-alone microframework that doesn't need any additional libraries or tools and has no database abstraction layer.

Researchers at IBM X-Force are tracking several large phishing campaigns spreading an updated version of the Grandoreiro banking trojan. The criminal malware operation was disrupted by law enforcement in January 2024 but resurfaced in March with an expanded set of targets. The new version of the malware is targeting more than 1,500 banks in over sixty countries.

New data covering cyber insurance claims through 2023 shows claims have increased while reaffirming what we already know: phishing and social engineering are the real problem. If you’ve read enough of my articles here, you already know my view is a bit skewed towards the need for organizations to be aware of the true dangers of email-based cyber attacks.

RSA Conference, held annually in San Francisco in the spring, defines itself as an information security event that connects industry leaders and highly relevant information. 50,000 people attended in 2024, and of course, the Sumo Logic team was there to offer insights and to learn from others at the conference. During a LinkedIn Live from the show, Sumo Logic VP of Product Marketing Michael Cucchi talked about the show floor being noisy and repetitive.

AI is everywhere—but how can you be sure that your data isn’t being used to train the AI models that power your favorite SaaS apps like Slack? This topic reached a fever pitch on Hacker News last week, when a flurry of Slack users vented their frustrations about the messaging app’s obtuse privacy policy. The main issue?