A common component of modern cybersecurity infrastructure, a cloud access security broker (CASB) is technology that provides monitoring and mitigates risks from employee use of cloud services. CASBs were initially developed to fill a gap in cloud security visibility left behind by traditional firewalls, next-generation firewalls, and early secure web gateways, which struggled to identify instances of the unapproved use of cloud services, otherwise known as shadow IT or rogue IT.

In times long gone, disgruntled former employees could only do so much damage to your company, and relatively little at all to your data security. In the fast-moving world of the 21st century, however, it’s a different story. Costly data breaches and devastating thefts have been undertaken in recent years by dissatisfied staff members released from their job duties.

This blog provides an overview of the situation surrounding the release of the source code, and supplementary 'injection' files, for the Android banking trojan 'Cerberus'.

This blog summarizes the findings of an investigation into the current status of the Brazilian threat group known as 'Prilex' who came to prominence in late 2017 and early 2018 for their ATM jackpotting and point-of-sale (POS) terminal attacks. Whilst the group were believed to have been active since 2014, a distinct absence of 'chatter' and reporting of their activity since 2018 seemingly suggested that the group had ceased operations.

At the convergence of digital transformation, an industry-wide focus on SASE, and the effects of the continuing COVID-19 pandemic, there are key forces that security practitioners need to be aware of and operate within. This is the first blog in a series of three detailing these forces and how security leaders and practitioners can adapt to them in a digitally transforming, SASE-enabled world. This blog covers the forces of Business Strategy and Information Technology Operations.

About a year ago, a friend of mine decided to build an EVM (Ethereum Virtual Machine) assembler in Rust. After some prodding from him, I began to help by writing unit tests. At the time, I knew very little about operating systems and started to read about lexical and symbolical analyzers. I was quickly in way over my head. What I did retain, however, was a newfound appreciation for the OS as a whole. So, when he started raving about eBPF, I knew I was in for a treat.

Data loss prevention (DLP) tools and processes help ensure that critical data is not accessed by or tampered with by unauthorized users. The underlying technology that can make or break your success in data loss prevention is data classification. This article explains how data classification affects the success of your data loss prevention measures.

'Times they are a-changin' was a song performed by Bob Dylan many decades ago, but the words ring true now more than ever. The Covid-19 pandemic has had serious repercussions on the healthcare ecosystem and has shaken up the global economy. The pandemic has also forced millions to work remotely from their homes. According to analyst firm Gartner Inc., amid Covid-19, 88% of enterprises shifted to remote working for their employees.

With the ISO SAE 21434 standard for road vehicles coming soon, learn the role cyber security assurance levels play in your road vehicle safety program. Automotive cyber security standard ISO SAE 21434 specifies requirements for cyber security risk management of road vehicle electrical and electronic systems, including their components and interfaces. It covers engineering for concept, development, production, operation, maintenance, and decommissioning.

The rapid proliferation of digital content and the increasing sophisticated cyberattacks has forced enterprises to resort to Enterprise Digital Rights Management (EDRM) to protect their important data and information. Insider attacks are one of the most serious cybersecurity threats. Among all insider attacks, information theft is considered the most damaging in terms of potential financial loss.