With the widespread use of AI technology, numerous AI models gather and process vast amounts of data, much of which comprises personal information utilized to offer personalized experiences. However, this abundance of data poses inherent risks, particularly in terms of privacy and security. As AI systems become more sophisticated, the potential for...

In the modern digital landscape, cybersecurity is paramount, making the differentiation between vulnerability scanning and penetration testing essential for safeguarding organizational assets. Vulnerability scanning offers a broad sweep for potential security weaknesses, serving as an early warning system. Penetration testing takes a more targeted...

Tripwire's April 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. Firsts on the list are patches for Microsoft Edge (Chromium-based) and Chromium that resolve 2 spoofing vulnerabilities. Next on the patch priority list this month is a patch for Microsoft Office and Excel that resolves spoofing and remote...

With cybersecurity, the digital battlegrounds stretch across the vast expanse of the internet. On the one side, we have increasingly sophisticated and cunning adversaries. On the other, skilled cybersecurity practitioners who are desperate to protect their companies’ assets at all costs. One fundamental truth rings clear: it’s an ongoing and...

Supply chain attacks are a serious and growing threat to businesses across all industries. However, these attacks pose an even greater risk for manufacturers in critical infrastructure sectors. One pernicious form of supply chain attack is spoofing, where attackers impersonate legitimate suppliers to sneak malicious code or components into products...

In 1971, Ray Tomlison developed the first email service while working at The Defense Advanced Research Projects Agency (DARPA). This development changed how we communicated. However, even though this was an exceptional tool, it was not very user-friendly, requiring users to have specific software installed on their computers. In 1996, Sabeer...

Most people remember the iconic movie Terminator, in which the cyborg T-800 was dispatched back in time from the year 2029 with the mission to eliminate Sarah Connor. She was destined to give birth to the future leader of the human resistance against machines, thus threatening their dominance. If Sarah were killed, humanity's fate would be sealed,...

Statista shows a near doubling of data compromises between last year (3,205) and the year before (1,802). Cybercriminals go where the data goes, and there is more need than ever for effective database security measures. These tactics differ from network security practices, which rely heavily on software solutions and even employee best practices....

What's going on? A wave of cheap, crude, amateurish ransomware has been spotted on the dark web - and although it may not make as many headlines as LockBit, Rhysida, and BlackSuit, it still presents a serious threat to organizations. What's "junk gun" ransomware? It's a name coined by Sophos researchers for unsophisticated ransomware that is...

Tech leaders taking cybersecurity seriously is something of a double-edged sword. While it’s undoubtedly good that organizations are waking up to the genuine threat cyberattacks pose, it’s depressing that they must siphon off so many resources to protect themselves rather than using them for growth and innovation. A recent survey of UK technology...

Alexandre Dumas's timeless novel "The Three Musketeers" immortalized the ideal of unyielding solidarity, the enduring motto "All for one and one for all." In the face of ever-evolving threats in the digital realm, the European Union echoes this spirit with its landmark Cyber Solidarity Act. This new legislation recognizes that collective defense is...

In 2023, companies lost about $4.45 million on average because of data breaches. As cyber threats advance, securing endpoints is more important than ever. An advanced Host-based Intrusion Detection System (HIDS) provides a sturdy remedy to improve endpoint security. By monitoring and examining system responses and device status, HIDS identifies and...

The experience of seeing a doctor has transformed dramatically, thanks in part to the emergence of telemedicine. This digital evolution promises convenience and accessibility but brings with it a host of cybersecurity risks that were unimaginable up until a few years ago. The unique cybersecurity challenges facing telemedicine today underscore the...

Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide. A major international operation, led by the UK's Metropolitan Police, has seized control of LabHost, which has been helping cybercriminals create phishing websites since 2021 to steal sensitive information...

I’m always surprised – and a little disappointed – at how far we have to go before supply chain cybersecurity gets the respect and attention it deserves. I sat down this week with a new client who wanted some help addressing several internal issues surrounding their IT systems. When I asked them about their relationship with the supplier –...

Cybersecurity has always been a complex field. Its adversarial nature means the margins between failure and success are much finer than in other sectors. As technology evolves, those margins get even finer, with attackers and defenders scrambling to exploit them and gain a competitive edge. This is especially true for AI. In February, the World...

Security configurations are an often ignored but essential factor in any organization’s security posture: any tool, program, or solution can be vulnerable to cyberattacks or other security incidents if the settings are not configured correctly. Staying on top of all of these security configurations can be a daunting responsibility for security or...

Generative AI has exploded in popularity across many industries. While this technology has many benefits, it also raises some unique cybersecurity concerns. Securing AI must be a top priority for organizations as they rush to implement these tools. The use of generative AI in manufacturing poses particular challenges. Over one-third of...

In the first quarter of every year, organizations around the world release reports summing up data breach trends from the previous twelve months. And every year, these reports say broadly the same thing: data breach numbers have gone up again. This year is no different. Or is it? Compromises Up, Victims Down However, the Identity Theft Resource...

What's going on? A relatively new strain of ransomware called DragonForce has making the headlines after a series of high-profile attacks. Like many other ransomware groups, DragonForce attempts to extort money from its victims in two ways - locking companies out of their computers and data through encryption, and exfiltrating data from compromised systems with the threat of releasing it to...