Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Trained security awareness professionals are aware that whatever someone says about themselves and personal experiences can be used against them in a social engineering scam. It is always good to share that message, at least once a year with co-workers, family members, and friends. I was reminded of this latest news story discussing a recent Instagram and TikTok trend. Basically, users are sent (or send) a “survey” that asks the receiver to describe themselves.

Data lineage and data provenance are related terms, but different. Lineage focuses on the origins and movements of data over time, while provenance focuses on the transformations and derivations of data from original sources. Provenance helps teams to follow the source of data and verify its authenticity, surfacing any potential risks or vulnerabilities. In other words, lineage is more about “where” data travels, and provenance is more about the “what” of data history.

Today’s adversaries are moving faster than ever. With the quickest attacks happening in just 7 minutes, adversaries are compromising endpoints and moving laterally before security teams can respond.1 It’s critical for organizations to have the technology to stay ahead of them.

Kubernetes Service Account tokens are exploited in many attack chain scenarios. Learn how to mitigate these risks and secure your Kubernetes clusters effectively.

Part of being a part of the cybersecurity industry means looking ahead to the future and anticipating what’s to come. For most of us, we should expect a 2024 that is largely dominated by AI discussion. With the cybersecurity industry growing rapidly, AI is at the forefront of every organization’s cyber plans and plays an integral role in all technological advances.

Today’s cyber threat landscape necessitates that we, as defenders of the enterprise, place identities at the center of our detection, prevention and response efforts. Indeed, threat actor tactics and techniques observed in the wild demonstrate that credential theft presents a large risk to the confidentiality, integrity and availability of our systems - be they on premises or in the cloud.

In the underground cybercrime circles of the Dark Web, ransomware attacks are a particularly lucrative enterprise. These attacks are on the rise. And they’re disrupting the stalwart IT industry. The average cost of a ransom attack in 2023 was $1.54 million, almost double the previous year’s average. And research we gathered for The CISO Report show that 83% of organizations hit by a ransomware attack paid their attackers. Curious which industry is most likely to pay the ransom? Retail.

Cooper Aerobics is a health and lifestyle entity concerned with providing comprehensive wellness solutions. As a business organization, their brand includes The Cooper Institute, a Clinic, a Fitness Center, a Spa, a Vitamin line, Wellness Strategies, and a Hotel.

As part of our effort to make the world safer, SecurityScorecard has been tracking threat actor groups conducting cyberattacks on behalf of nation states.

Hackers want stolen medical records to commit identity theft, use the stolen data as a ransom, sell it on the dark web or impersonate the victim to receive medical services. Medical records are valuable to cybercriminals as they allow cybercriminals to commit fraud and go undetected longer than they can with other Personally Identifiable Information (PII).