Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Forescout’s Vedere Labs latest research report is the first systematic study into deep lateral movement: how advanced adversaries can move laterally among devices at the controller level – also known as Purdue level 1 or L1 – of OT networks.

Authentication, at its core, is the act of verifying credentials. In the case of human beings, it’s as simple as answering the question, “Who are you, and how do I know for sure it’s you?” Authentication is something we’re constantly engaging with in everyday life.

The Hive Ransomware Group is a sophisticated criminal organisation that targets businesses around the world with their ransomware attacks. The group’s primary goal is to extort money from victims by locking and encrypting their data, making it inaccessible until a ransom payment is made.

Operating in a cloud model means not only being able to access your data anywhere but that your infrastructure is flexible and scalable enough to accommodate demands that change from day to day or sometimes from moment to moment. This is easy enough to achieve in a public cloud, where resources can be made elastic and added and removed dynamically.

Cryptography is fundamental to many information security and privacy mechanisms. Today, a variety of cryptographic algorithms are used in many different applications. This article explains cryptography: how it works, key principles or operations of cryptography, types of cryptography, use cases and more! (This article was written by Shanika Wickramasinghe.

When it comes to high profile cybercrime incidents, it’s the major tech vulnerabilities and sophisticated state-sponsored threat vectors that make the headlines. In reality, however, most of the cybercrime incidents exploit the human element as the weakest link in the cyberattack kill chain.

Most companies now recognize the serious and insidious nature of cybersecurity threats. But many fail to grasp that the digital transformation, remote work, automation and cloud migration activities of the last few years have turbocharged the number of identities seeking access to data and critical business systems. This surge in identities has exponentially increased the likelihood of cyberattacks, undercutting the effectiveness of traditional identity and access management (IAM) paradigms.

It's a good question, and if you're curious about whether any of your email addresses or passwords were included in a data breach, you can easily find out at HaveIBeenPwned.com. This entirely free service, managed by Microsoft Regional Director & MVP Troy Hunt, lets you enter an email address or password to see how many breaches it has been included in.

The threat landscape in the financial services sector continues to get more menacing. Malicious actors and cybercrime groups increasingly set their sights on the sensitive financial data that banks, moneylenders, insurance companies, credit unions, and more all store in their IT environments. Exemplifying the challenge, one recent study found that the financial sector experienced the second-highest volume of data breaches in 2022.

Application Programming Interfaces (APIs) are the connecting tissue that enables the communication between applications, internal and external, and facilitate data exchange on a massive scale. In a world where information is the crown jewel of an organization, APIs are driving the delivery of digital services to customers and partners. While their usage is already exploding, the growing popularity of cloud-native technologies and microservices has only accelerated API adoption.