The digital world is a blink-and-you’ll-miss-it environment, and organizations need to move aggressively to shrink the exploitable vulnerability window. Adversaries are breaching the security periphery through 0day exploits, social engineering, and phishing attacks, among other tactics. Based on current...
2021 has been witnessing phishing or pretexting — types of social engineering attacks, leading all Data Breach Reports. The fraudulent practice of sending emails to incite targeted individuals to divulge confidential information and make wire transfers is no more...
Despite regular security audits, attackers continue to intrude on business and government networks by exploiting unpatched vulnerabilities. To help federal civilian agencies in the U.S. manage their vulnerability disclosure process, the Cybersecurity and Infrastructure Security Agency (CISA) unveiled a...
Cybercriminals always aim high when targeting organizations and demanding ransom. The pandemic has given opportunistic hackers time to come up with innovative phishing attacks and extortion schemes. And ransomware, in particular, has continued to reach unprecedented heights since the...
The most trending cybersecurity news last month was about the Pegasus Spyware incident. This isn’t the first time we’ve heard about Pegasus; remember the 2019 incident where Pegasus was infecting phones through WhatsApp? However, the issue garnered a lot...
By 2022, 90% of new enterprise applications will be cloud-native. Yet, 50% of organizations find that native security controls are inadequate and have added third-party solutions to fully meet their needs. While cloud-native security is on the rise, does it...
API security has often been a blind spot for enterprises. In fact, it’s very common to see unauthenticated APIs. In most cases, these mostly occur due to overlooked authentication and authorization protection for the APIs in the development process....
While cloud computing is helping organizations in advancing their operations, data leaks due to cloud misconfigurations are giving nightmares to businesses. A threat analysis from cybersecurity research firm WizCase revealed a data breach that affected Reindeer, an American marketing...
Microsoft 365 Defender Threat Intelligence Team uncovered an ongoing malware campaign tricking victims into downloading malware on the targeted systems. The campaign, dubbed as BazaCall, is reportedly leveraging bogus call centers and duping social engineering victims to download BazaLoader...
If your office computer is working fine under a secure network, it is because your system administrators work relentlessly to keep the organization running securely. The system administration personnel are responsible for various operations in an organization, such as...
