Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In recent years, phishing attacks have become increasingly sophisticated and are now being conducted through various messaging platforms such as Telegram. Telegram is a popular messaging app that allows users to send messages, photos, videos, and other files over the internet. It also provides APIs that allow developers to create custom bots and applications. Unfortunately, these same APIs can be used by malicious actors to exfiltrate credentials successfully phished from attacks.

In this episode of the Future of Security Operations podcast, Thomas speaks with Diana Kelley, Chief Security Officer / Chief Strategy Officer at Cybrize, which connects organizations, security leaders, and job seekers to train and support the next generation of cybersecurity professionals.

Cybersecurity isn’t easy in any industry, but it is perhaps most challenging for the banking, financial services, and insurance (BFSI) sector. Financial institutions are highly digitized and have large, complex IT infrastructures with many environments and assets to protect. At the same time, these enterprises are highly targeted by threat actors, leading to a constant barrage of attacks to detect and disrupt.

If you were to poll the folks in a typical office about which aspect of the infamous CIA Triad was most important to them, you would likely get different answers from different people. While confidentiality, integrity, and availability are all important and serve to function together, for the sake of fun, what if you had to choose one factor as the most critical?

The 18th International Conference on Cyber Warfare and Security gave researchers, policymakers, and security professionals a chance to share findings and ideas. Read the highlights.

Mass layoffs. Budget cuts. Funding shortages. Fears of recession. Headlines paint a bleak picture for organizations in 2023. To prepare for the turbulent year ahead, companies are scaling back their spending in droves. Yet, amid ruthless cost-cutting, many organizations are still prioritizing their investments in bulking up cybersecurity defenses. The question is, what are they spending these budgets on?

Vulnerabilities are only one part of the cloud security story. Misconfigurations are still the biggest player in security incidents and, therefore, should be one of the greatest causes for concern in organizations.

Another day, another cyber espionage campaign exploiting two legitimate and well-known cloud services to deliver the malicious payload. Once again, this campaign was unearthed by researchers at Sentinel One, and it is aimed to distribute the Remcos Remote Access Tool (yet another example of a remote control tool used for malicious purposes) through the DBatLoader to target predominantly organizations in Eastern Europe.

According to recent research, 68% of computer applications use open-source software libraries without the knowledge of the company. Another study by Argon Security shows that the supply chain attacks have grown up to 300% in 2021 compared to 2020.

Innovation and regulation are two important factors that have a significant impact on the growth of any industry, including information security. The question of whether regulation inhibits or inspires innovation is a contentious one, and there are compelling arguments on both sides.