Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

What is a Transaction Fraud Explained: Types, Impacts, and Transaction Fraud Detection

In 2020, the world moved online, and the pandemic kicked industry demand into overdrive. Seemingly overnight, entire organizations yielded to the mandates pushed by health professionals, encouraging anyone not already online to make an account or two. That year, transaction card fraud totaled around $149 million in losses in the US and has only increased since then, up to $48 billion globally.

What is IT Security Audit: Its Importance, Types, and Examples

More organizations than ever are moving to online processes, offering convenience and efficiency to their consumers and clients. However, the move to digital isn’t without its risks; security audits assess the current state of an organization’s IT and data environments and then offer recommendations to improve them. Security audits are an essential aspect of an organization’s approach to data defense, especially when threats are moving and growing daily.

The Dell API Breach: It could have been prevented

As you may have seen in the news, a hacker stole 49 million customer records from Dell. The attack wasn’t novel or sophisticated. Instead, the attacker used a business logic flaw and an API to scrape 49 million records from Dell. How did they do it? Here is the attack flow. The attacker registered for an account within the Dell ecosystem to be a reseller/partner. They weren’t going to be. But Dell didn’t perform any checks, and within 48 hours, the attacker had a valid account.

Verizon: The Human Element is Behind Two-Thirds of Data Breaches

Despite growing security investments in prevention, detection and response to threats, users are still making uninformed mistakes and causing breaches. One of the basic tenets of KnowBe4 is that your users provide the organization with an opportunity to have a material (and hopefully positive) impact on a cyber attack. They are the ones clicking malicious links, opening unknown attachments, providing company credentials on impersonated websites and falling for social engineering scams of all kinds.

Phishing and Pretexting Dominate Social Engineering-Related Data Breaches

New data shows that despite the massive evolution of the cybercrime economy, threat actors are sticking with the basics in social engineering attacks, with a goal at stealing data. I probably could have called this purely based on all the articles I’ve written (and all the articles I’ve read that never made it here). But when it comes to protecting your organization from social engineering, stick to the basics.

Dell Data Breach: Hackers Expose Personal Info of 49M Customers for Sale

Dell Data Breach: What You Need to Know? Dell Technologies recently announced a data breach affecting a company portal, which compromised certain customer information linked to purchases. The breach exposed customer names, physical addresses, and detailed order information, such as service tags, item descriptions, order dates, and warranty details. Fortunately, Dell has assured that no financial data, email addresses, phone numbers, or other highly sensitive information were accessed during the incident.

What Does Incognito Mean, How Does It Work, and Is It Really Safe?

How do you browse the Internet? Using a primary browser, you can turn on “incognito mode,” which increases your privacy on singular devices but is also less concealing than other privacy tools like virtual private networks (VPNs). The functionality of these modes differs between browsers. While the mode offers reliable personal security, it also lacks cybersecurity defenses and is often used by those with misconceptions about how the tool works. So, what is incognito mode?

What Is a Pig Butchering Scam: How to Protect Your Financial Future

How far are you willing to go to obtain love? Online threats surround us every time we get on the Internet—all of them are out for more than a lasting emotional connection. Romance scams are the most insidious of online threats, not because they wreck the emotional and financial statuses of their victims but because they are incredibly well-thought-out.

Has your personal data been breached on the dark web?

The dark web can feel like a mysterious underworld, a hidden corner of the internet where there are no rules. It’s a place where stolen data gets traded, and cybercriminals plot their next attacks. Just because it’s dark, that doesn’t mean you have to be blind to the threats lurking there. That’s where ManageEngine Log360 comes in with a powerful new integration for Constella Intelligence.

Top 10 Best-Known Cybersecurity Incidents and What to Learn from Them

Negligent or malicious behavior by those who have legitimate access to your systems can be more devastating to your company than the efforts of outside attackers. The 2023 Cost of Insider Risk Global Report by the Ponemon Institute shows that cybersecurity incidents caused by insiders through negligence, credential theft, and malicious intent had an average cost per incident of $505,113, $679,621, and $701,500, respectively.