In today’s digital world, cyber threats are a constant concern for businesses of all sizes. According to a 2024 survey by the UK government’s Department for Science, Innovation & Technology (DSIT), 74% of large and 70% of medium businesses reported experiencing a recent cyber attack. Data breaches, malware attacks, and phishing scams can cripple operations and damage your reputation.

The BBC recently reported that Booking.com is warning that AI is driving an explosion in travel scams. Up to 900% in their estimation - making it abundantly clear that while AI can be a force for good, it can also be a formidable weapon in the arsenal of cybercriminals. One of the most concerning trends we've observed is the increasing use of AI by cybercriminals to carry out sophisticated phishing attacks.

If you had to choose between regular cybersecurity training and simulated phishing testing, the data shows you should choose simulated phishing tests. When the security awareness training (SAT) industry started over a decade ago, there was some controversy about whether simulated phishing tests should be conducted. The idea of simulated phishing testing was relatively new and some people took them as not only unusual, but potentially unethical and unneeded.

We’re thrilled to share that the CrowdStrike Falcon sensor now fully supports Google Cloud Run, bringing advanced security capabilities to your serverless applications. While we announced this at Google Cloud Next in April 2024, this blog goes deeper into the integration and shares how customers leveraging Google Cloud Run and CrowdStrike can deploy Falcon quickly to enhance their serverless security requirements.

Have you ever wondered what it takes to ensure that the data behind every life-saving surgery, every critical care decision, and every patient record is not only secure but also instantly recoverable in the face of cyber threats? In the world of healthcare, where every second can mean the difference between life and death, this isn't just a technical challenge - it's a mission.

Properly architecting and designing solutions for clean room recovery is a crucial step for any organization looking to become more resilient to cyber threats. Clean rooms provide organizations with an isolated environment where data integrity and recovery processes are insulated from external threats. By providing a clean room environment, organizations can expedite security investigations and recovery timelines in the event of a cyber attack.

Security teams are drowning in alerts and manual tasks, and the weight of human error hangs heavy. Repetitive tasks lead to fatigue, where overlooked details can have devastating consequences. In a high-stakes environment where misconfigurations, accidentally exposed secrets, and delayed responses spell disaster, security teams desperately need tools to reduce the risk and pressure.

The Sansec.io research team warned today that a script from the polyfill.io domain and service, which was purchased earlier this year by a Chinese company named ‘Funnull’, has been modified to introduce malicious code on websites in a supply chain attack. Currently over 100,000 sites could be impacted.

The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian data privacy law that governs how private sector organizations collect, use, and disclose personal information when conducting commercial activities. By setting strict requirements for private businesses, PIPEDA ensures that individuals and customers have control over how their data is managed.

Incident Overview In a significant breach of healthcare data security, the Qilin ransomware gang has leaked 400GB of NHS and patient data on Telegram. The group, identified as the Qilin ransomware gang, claimed responsibility for the exfiltration and demanded a $50 million ransom, threatening to release the data if their demands were not met. Following failed negotiations, the gang followed through on their threat and made the entire dataset public.

In a recent cybersecurity incident, tens of thousands of Levi's customers had their accounts compromised following a credential stuffing attack. According to a notice published on the Maine Office of the Attorney General's website, 72,231 individuals were potentially impacted by the breach on June 13. Incident Details On June 13, Levi's detected unusual activity on their website, indicating a credential stuffing attack.