When you think of cybersecurity, your mind likely goes to external threat actors — malware, ransomware, spearphishing attacks, and other malicious activity. However, it’s crucial to note that 60% of data breaches are caused by insider threats, and a staggering 74% of organizations are at least moderately vulnerable to them. It’s not everybody else your organization needs to worry about; it’s your own people.

As the number and severity of third-party breaches continues to rise, companies are scrutinizing more closely not just how they handle data, but how their vendors do as well. For security leaders, this means more security reviews are coming across their desk everyday. ‍ Limited resources and legacy processes make it hard for security teams to keep up with the pace of business.

Cloud storage services and SaaS apps like Google Drive and Microsoft OneDrive provide convenient, scalable solutions for managing documents, photos, and more—making them indispensable for modern work and personal life. However, misconfigured settings and permissions can lead to serious security breaches, noncompliance, and even the loss of customer trust. Let’s explore the 5 most common misconfiguration issues with real-world examples.

In the vast and interconnected world of information technology, the security of network services and protocols is paramount for organizations of all sizes. Among these, Samba—a free software re-implementation of the SMB/CIFS networking protocol—plays a crucial role in facilitating file and print services across various operating systems, including Unix, Linux, IBM System 390, and Windows.

As the world becomes more and more digitally intertwined, the significance of data security cannot be overstated. Data theft, a critical threat to organizations worldwide, poses severe challenges, jeopardizing both reputational integrity and financial health. This blog post aims to dissect the concept of data theft, understand its impacts on organizations, and outline proactive measures to safeguard against such threats.

As application architectures shift to the cloud and the velocity of software delivery accelerates, organizations are seeking more powerful capabilities to identify security vulnerabilities within their production applications. Traditional static application security testing (SAST) tools, by themselves, are insufficient.

With all great power, there comes an equal potential for misuse. Among the sophisticated arsenal of threat actors, impersonation attacks have surged to the forefront, which questions our sense of trust.

Suspected North Korean threat actors are attempting to trick software developers into downloading malware during phony job interviews, according to researchers at Securonix. The threat actors contact software developers with seemingly legitimate employment opportunities before scheduling virtual job interviews.

In our recent research “Better Safe Than Sorry”, we reported how the number of exposed OT/ICS devices in Japan grew by 372% over the past six years. During this time, several notable cyber-attacks targeted businesses and government entities in Japan. The substantial increase in exposed OT/ICS combined with the recent cyber-attacks in Japan has prompted us to give a deeper look at the current threat landscape in the country.