Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Salesforce Becomes the Latest Platform to Unwittingly Aid Phishing Scammers

Cybercriminals used the legitimacy of Salesforce’s email gateway to bypass security scanners and target Meta customers in an effort to steal Facebook credentials. One of the initial challenges any phishing attack has is to make it past security measures designed to scan and identify malicious emails. One such way is to misuse a legitimate well-known platform’s outbound sending of emails.

What is a Code Signing within the Public Key Infrastructure (PKI)?

Public Key Infrastructure (PKI) is a fundamental backbone, empowering the seamless use of cutting-edge technologies like digital signatures and encryption across vast user populations. It encompasses a comprehensive suite of hardware, software, policies, processes, and procedures, working harmoniously to create, manage, distribute, use, store, and revoke digital certificates and public keys.

The rise of AI in software development

Generative artificial intelligence tools are changing the world and the software development landscape significantly. Our webinar series will help you understand how. The popular press continues to reverberate with stories about the miracles of generative artificial intelligence (GAI) and machine learning (ML), and all the ways it might be used for good—and for bad. There’s hardly a tech company that isn’t talking about how GAI/ML can enhance its offerings.

17 Best Cloud WAAP & WAF Software in 2023

A web application firewall is a security software that observes and filters HTTP/HTTPS traffic between a web application and the internet. While this has been available for decades, with the evolution of the threat landscape, WAFs have also added additional capabilities to protect not only web apps but also APIs against a range of attacks, including DDoS and bot attacks. So, the category has evolved and is currently called Web Application and API Protection (WAAP).

Weekly Cybersecurity Recap August 11

New companies are hurt by significant data breaches every week, especially in the United States. This week insurance companies were the big target. Prudential, Progressive, and a range of insurance providers that work with PH Tech were all hit by data breaches. Allegheny County, Pennsylvania, and the Colorado Department of Higher Education were also victims of their own data breaches. Millions of individuals were exposed to potential data losses between these different breaches.

Implementing Managed XDR Services: Best Practices

As the complexity and sophistication of cybersecurity threats increase, businesses across all sectors are seeking effective solutions to protect their critical data and digital infrastructures. One emerging solution is Extended Detection and Response (XDR), an integrated suite of security products that collectively provide preventive, detective, and responsive capabilities. As organisations in the UK increasingly consider this approach, let's delve into the best practices for implementing managed XDR services.

Securing Third-Party Integrations in EHR Software: A Collaborative Endeavor

Electronic Health Records (EHR) stand at the intersection of healthcare and technology, offering a digital representation of patient health histories. A vital aspect of EHR's efficacy is the seamless exchange of patient data between various systems and third-party tools. This interplay ensures that healthcare providers have the most up-to-date information on their patients, irrespective of where the initial data originated.
Featured Post

How Financial Services Cyber Regulations are Hotting Up For API Security

Financial services firms deploy an increasingly complicated mix of technologies, systems, applications, and processes to serve customers and partners and to solve organisational challenges.Focused heavily on consumer hyper-personalisation, banks are evolving more and more digital assets and services to meet and exceed growing customer experience expectations.

What Is Call Spoofing?

Call spoofing is when someone, usually a scammer or cybercriminal, disguises their caller ID information to hide who they really are. Call spoofing can also spoof the cybercriminal’s location to make it appear as if the call is coming from a specific location. With call spoofing, the caller will pretend to be someone they’re not to convince the individual to provide them with their personal information.

Spot risks with our new IP view

Customers often tell us of instances where someone in their team spins up a new machine that isn’t using an approved geolocation, or that they see an unexpected spike in hosting from a particular country. These anomalies can put an organization at risk, especially since they are difficult to spot in an automated way.