'

Cisco unveils AI-powered assistants to level up security defenses

Cisco unveils AI-powered assistants to level up security defenses

Cisco is making a bid to drive artificial intelligence (AI) deeper into its cloud security platform, launching a new feature, AI Assistant for Security, a cross-domain AI-driven assistant designed to help organizations of all sizes level up their defenses against the rising tide of threats. “With attacks getting more sophisticated and the attack surface getting … Read more

Microsoft Incident Response lessons on preventing cloud identity compromise

Microsoft Incident Response lessons on preventing cloud identity compromise

Microsoft observed a surge in cyberattacks targeting identities in 2023, with attempted password-based attacks increasing by more than tenfold in the first quarter of 2023 compared to the same period in 2022. Threat actors leverage compromised identities to achieve a significant level of access to target networks. The compromise of an identity, under certain circumstances, … Read more

How Microsoft and Amazon are expanding the fight against international tech support fraud

How Microsoft and Amazon are expanding the fight against international tech support fraud

On October 19th of this year, India’s federal enforcement agency, the Central Bureau of Investigation (CBI), announced it had conducted multiple criminal raids against fraudulent call centers in various cities across India. This operation was supported by a joint referral from Microsoft and Amazon, which enabled the exchange of actionable intelligence between CBI and other … Read more

Russia’s Fancy Bear launches mass credential collection campaigns

Russia’s Fancy Bear launches mass credential collection campaigns

A threat group associated with the Russian military intelligence service was behind several mass attack campaigns that exploited known flaws in Outlook and WinRAR to collect Windows NTLM credential hashes from organizations in Europe and North America. The high volume of emails is unusual for cyberespionage groups, which are typically highly targeted in their victim … Read more

Addressing vulnerabilities in OT environments requires a Zero Trust approach

Addressing vulnerabilities in OT environments requires a Zero Trust approach

Cyberattacks on operational technology (OT) systems are rapidly rising. In fact, manufacturing was one of the sectors most impacted by extortion attacks last year, according to Palo Alto Networks Unit 42, as reported in the 2023 Unit 42 Extortion and Ransomware Report.  Attacks against OT systems can have a significant impact, including physical consequences such … Read more

New Synopsys Report Reveals Application Security Automation Soars

New Synopsys Report Reveals Application Security Automation Soars

Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model (BSIMM) report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across various industries such as cloud, financial services, FinTech, ISV, insurance, IoT, healthcare, and technology. The report highlights a significant surge in the … Read more

Over 80% of IT Leaders Want to Move Their On-Prem PAM Solution to the Cloud

Over 80% of IT Leaders Want to Move Their On-Prem PAM Solution to the Cloud

A new report by zero-trust and zero-knowledge cybersecurity software providers Keeper Security has found that over 80% of IT leaders (82%) want to move their on-premises Privilege Access Management (PAM) solution to the Cloud. The findings were outlined in a report entitled Keeper Security Insight Report: Cloud-Based Privileged Access Management. The report explores what IT and … Read more

Protecting credentials against social engineering: Cyberattack Series

Protecting credentials against social engineering: Cyberattack Series

Our story begins with a customer whose help desk unwittingly assisted a threat actor posing as a credentialed employee. In this fourth report in our ongoing Cyberattack Series, we look at the steps taken to discover, understand, and respond to a credential phishing and smishing (text-based phishing) cyberattack that targeted a legitimate, highly-privileged user with … Read more

Centripetal Announces Partnership With Tiger to Provide Cybersecurity Innovation to the UK Market

Centripetal Announces Partnership With Tiger to Provide Cybersecurity Innovation to the UK Market

Today, intelligence powered cybersecurity pros Centripetal have announced that their patented cybersecurity threat solution is available for the first time ever across the UK as a result of its strategic partnership with Tiger. Centripetal’s innovative technology is currently deployed by over 100 customers in the U.S., where the company is headquartered. Earlier this year, Centripetal … Read more

Deepfakes emerge as a top security threat ahead of the 2024 US election

Deepfakes emerge as a top security threat ahead of the 2024 US election

The United States is heading into a crucial election year, with a high-stakes presidential election that could determine the republic’s fate for decades. In addition, all 435 seats in the United States House of Representatives, 34 Senate seats, and 13 governorships are up for grabs, along with thousands of local government elections. While official sources … Read more

How cybersecurity teams should prepare for geopolitical crisis spillover

How cybersecurity teams should prepare for geopolitical crisis spillover

From Russia’s invasion of Ukraine to Hamas’s recent assault on Israel, it’s difficult to deny that geopolitical crises come with diversifying cybersecurity footprints. In Ukraine, early digital Russian actions in support of the invasion struck not just government targets, but also satellite operators, media firms, and manufacturing companies. Over nearly two years, the cyber dimensions … Read more

Latest copyright decision in Germany rejects blocking through global DNS resolvers

Latest copyright decision in Germany rejects blocking through global DNS resolvers

A recent decision from the Higher Regional Court of Cologne in Germany marked important progress for Cloudflare and the Internet in pushing back against misguided attempts to address online copyright infringement through the DNS system. In early November, the Court in Universal v. Cloudflare issued its decision rejecting a request to require public DNS resolvers … Read more