Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The fight against cyber threats remains a top priority for all organizations, including phishing attacks. SlashNext just released its much-anticipated annual "State of Phishing Report for 2023." This report sheds light on the alarming surge in phishing threats across email, web, and mobile channels. We will delve into the key findings and insights from the report, highlighting the growing influence of generative AI tools in cybercriminal activities. The Phishing Landscape: A Disturbing Uptick.

Cloud application, platform, and infrastructure vendors (cloud service providers, or CSPs) do a great job of advertising online. They offer seemingly painless ways to sign up for their services through “freemiums” and two-week trials, advertisements that follow you from Google to LinkedIn, and what appear to be straight-forward sales processes.

We’ve said it before but it bears repeating: application security isn’t optional anymore. Customers at every level are demanding that the applications they use are secure from the start. Software vendors are well aware of this.

A10 Networks has expanded its robust application delivery controller (ADC) solution to Google Cloud Platform (GCP), meeting the increasing demand for powerful and scalable application delivery in the cloud. Customers can now rapidly deploy A10 Thunder® ADC on GCP via the Google Cloud Marketplace.

The 2023 SANS Survey on API Security (Jun-2023) found that less than 50 percent of respondents have API security testing tools in place. Even fewer (29 percent) have API discovery tools. Wallarm delivers both these capabilities via our single, integrated App and API Security platform. Wallarm has long offered the ability to generate OpenAPI Specifications (aka Swagger) based on actual traffic across your endpoints.

President Joe Biden, on October 30, signed the first-ever Executive Order designed to regulate and formulate the safe, secure, and trustworthy development and use of artificial intelligence within the United States. Overall, Trustwave’s leadership commended the Executive Order, but raised several questions concerning the government’s ability to enforce the ruling and the impact it may have on AI’s development in the coming years.

Ransomware is a scourge that is on track to inflict over $30 billion in damages in 2023. Businesses and organizations that are hit by a ransomware attack face a potentially devastating data breach, with system downtime, recovery, negative publicity and the likelihood of a ransom payment to deal with. Many small businesses are unable to recover from the ordeal and end up permanently shutting their doors within months of being hit.

MSPs are under pressure to maintain business continuity while ensuring that their clients’ security capabilities are not diminished in the face of growing cyber threats and IT staff shortages. So, what if you don’t have the staff or expertise to do it all? MSPs can save on security capabilities by using a security vendor’s managed services. This allows you to focus on your core competencies while outsourcing higher-level security management to the experts.

Spear phishing was the most common attack technique in the third quarter of 2023, according to researchers at ReliaQuest. “In Q2 2023, spear phishing-related techniques represented the three most observed methods of attack,” the researchers write. “This remained true in Q3 2023, accounting for a total of almost 65% of all true-positive incidents.