Latest Posts

Why a Zero Trust Architecture Must Include Database Security

Whether the means of a cyber-attack are phishing, ransomware, advanced persistent threat, malware, or some combination, the target is ultimately the same: your data. So, as companies seek to implement a zero-trust approach to security, they would do well to include database protection. Interest in Zero Trust is certainly high, with nearly two-thirds (63%) of organizations worldwide having implemented a zero-trust strategy, according to a recent Gartner survey. But it is hardly all-encompassing.

Nearly Every Hacker Believes AI Tools Have Created a New Attack Vector

A new survey of hackers shows that AI is not only empowering hackers to be more effective, but that AI itself is “ripe for exploitation.” Rarely do we get to ask a hacker “what do you think” when it comes to cyber attacks, cybersecurity efforts, and what they think the future will hold. But Bugcrowd’s 2024 Inside the Mind of a Hacker Report (which surveyed 1300 hackers) hosts a treasure trove of data around how hackers see AI and the value it brings.

CISA Strongly Recommends Phishing-Resistant MFA

We are excited to see the Cybersecurity and Infrastructure Security Agency (CISA) and outgoing Director Jen Easterly strongly recommend PHISHING-RESISTANT multi-factor authentication (MFA). The majority of people, including the majority of cybersecurity practitioners, do not know that most MFA, especially the most popular types used today (e.g., one-time passwords, push-based, SMS-based, etc.), can be as easily phished or bypassed as the passwords they were intended to replace.

75% of Black Friday Spam Emails Are Scams

Three out of four Black Friday-themed spam emails are scams, according to researchers at Bitdefender. Most of these scams are targeting users in the US and Europe. “This year, 77% of all Black Friday-themed spam (by volume) analyzed by Bitdefender’s Antispam Lab team was classified as scams, while only 22% was identified as marketing lures—emails designed to drive traffic to legitimate but overly aggressive promotions,” the researchers write.

From Assessment to Implementation: Attack Surface Reduction Guide

An attack surface is the sum total of all the various ways that a cyber threat actor could attack an organization. This includes everything from software vulnerabilities, like SQL injection, to lost and stolen devices to social engineering attacks against the organization’s employees or third-party partners. An organization’s overall attack surface can further be divided into its external and internal attack surfaces.

From Discounts to Data Breaches - Staying Safe On Black Friday

‘Black Friday’ is an event every savvy shopper eagerly awaits as the holiday season approaches. However, it’s no longer just a single day of deals. Black Friday has evolved into a weeks-long sales event, and in some cases, it spans the entire month of November. While this extended shopping period offers consumers more time and flexibility to grab bargains, it also significantly increases opportunities for cybercriminals to exploit unsuspecting shoppers.

Securing Remote Access: Best Practices for Third-Party Risk Management

The physical location of users has become less and less important in conducting business, with the drawback that it creates new, persistent threats to organizations. You know that. You may not know that remote access to IT and business-critical systems is not a new concept. It’s been around since the late 1980s.

Beyond Traditional Security: Addressing the API Security Gap

Let’s be honest: APIs are the unsung heroes of the modern business world. They work silently behind the scenes, connecting applications, driving innovations, and ensuring your digital transformation stays on track. However, there’s a crucial downside: APIs can pose a significant security risk. They can be likened to unlocked doors leading to your sensitive data and essential business functions—an ideal target for hackers.

What Is Penetration Testing?

Penetration testing, also referred to as pen testing, is a simulation of a cyber attack that organizations conduct to identify security vulnerabilities within their systems. By finding weaknesses through a simulated cyber attack, organizations can pinpoint areas that need improvement before a cybercriminal can exploit them. Penetration testing helps organizations address issues in their systems to prevent unauthorized access, meet compliance requirements and minimize the risk of phishing attacks.