As a Chief Information Officer, CISO, Security Director, or CEO of any organization, leaving your digital defenses vulnerable to data breaches comes with costly risks. From the potential for customer data theft and extensive damage to your industry reputation—it’s critical that you take proactive security measures to ensure a strong security posture.
Discover how honeytokens, digital decoys designed to detect unauthorized access, can strengthen the security of your CI/CD pipelines. In this guide, we offer step-by-step instructions for integrating them into popular pipelines like Jenkins, GitLab, and AWS CodePipeline.
A phishing campaign is spoofing the major German media conference Anga Com, according to Jeremy Fuchs at Avanan. “A central part of any conference for a company is to garner interest for their company,” Fuchs explains. “Many conferences will give over lead lists for companies to follow up on. This can be a significant source of potential revenue for companies. This is not the usual fare for hackers.
The French government is taking a stand against the increasing threat of digital warfare. Publicly accusing Russia of conducting an extensive online manipulation campaign, France is fighting back against typosquatting of major media outlets and the French Foreign Ministry. The goal of these fake websites is to spread disinformation and confusion about the ongoing war in Ukraine.
While artificial intelligence (AI) has been the hot topic of this year, a theme that I continue to see is that AI is being used for good and evil. I'm going to dive more into key takeaways your organization can learn from Catherine Williams, Threat Intelligence Specialist at Telecom giant BT. Get her insights on AI being on two sides of the battlefield, and why everyone should start integrating cybersecurity in their everyday tasks now.
On May 29, 2023, a critical security vulnerability, identified as CVE-2023-34362, was published, leaving users of MOVEit Transfer software at high risk. According to Progress, organizations have reported possible exploitation in the wild. Therefore it’s crucial that any business using MOVEit Transfer to take immediate action, especially since all versions of this popular file transfer software are affected by this vulnerability.
Killnet is an advanced persistent threat (APT) group based in Russia that has been active since at least 2015. The group is notorious for its highly sophisticated and persistent attacks on a diverse range of industries, including state and local governments, telecommunications, and defense. Killnet has been linked to several high-profile attacks, including the 2016 hack of the Democratic National Committee (DNC) during the U.S. presidential election.
We often hear how a company was compromised by a sophisticated attack. This characterization contains all the romantic thrill of a spy movie, but it is usually not how most companies are victimized. Most breaches usually happen as a result of malware entering the environment. The need to protect against malware is addressed in progressive degrees in Requirement 5 of the new 4.0 version of the Payment Card Industry Data Security Standard (PCI DSS).
