Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

‍Managing risk is not an isolated process; it involves a series of coordinated efforts, sometimes spanning across teams, to identify threats, mitigate vulnerabilities, and ensure the organization remains resilient.

As a former federal CISO, I’ve observed a persistent and dangerous misconception within government agencies: the belief that smart card authentication eliminates the need for enterprise password and Privileged Access Management (PAM) solutions. This assumption creates critical security vulnerabilities that deserve closer examination.

Researchers at Zimperium warn that a large phishing campaign is impersonating the US Postal Service (USPS) to target mobile devices with malicious PDF files. The goal of the campaign is to direct users to a spoofed USPS website designed to harvest personal information. “The investigation into this campaign uncovered over 20 malicious PDF files and 630 phishing pages, indicating a large-scale operation,” the researchers write.

Our recent Africa Cybersecurity Awareness survey has revealed a startling surge in cybersecurity concerns among African users, with 58% of respondents expressing high levels of worry about cybercrime - a figure that has nearly doubled from 29% in 2023. The fear is not unfounded. As highlighted by Interpol's African Cyberthreat Report 2024, the continent has witnessed a significant uptick in cybercrime, along with its financial and social repercussions.

In our previous round-up of security research for 2023, we mentioned our surprise at the large volume of 29,000 vulnerabilities that were reported two years ago. But that didn’t prepare us for the astounding 40% increase, reported by Cyber Press, resulting in over 40,000 CVEs that were published over the past year in 2024.

Behavioural analytics in cyber security has emerged as a powerful tool for identifying and mitigating human risks. By focusing on how humans interact with systems, user behavioural analytics offer a proactive approach to threat detection, ensuring a more secure digital environment for businesses.

Let’s move on with our research on the DevOps threat landscape in 2024. Let’s see which security incidents and vulnerabilities GiLab users faced in the previous year. In 2023, GitLab reported 76 incidents on their Status page, this year the number of incidents grew by almost 21% and compiled 96 incidents in total.

Hackers don’t always need malware or harvested credentials to break into systems and accounts. Why bother with technical hacks when bad actors can trick people into getting what they want? From deepfake video calls impersonating friends or relatives to perfectly cloned login portals that steal credentials in real-time, social engineering scams are more convincing than ever. In fact, social engineering now accounts for 70 to 90% of cyber attacks.

Cyberstalking and harassment can take many different forms, whether you’re receiving distressing messages, being bullied, having personal information released online, or you suspect you’re being monitored. This guide will help you understand what laws and regulations apply in the UK, how to report cyberstalking and harassment, what evidence you should collect and store, and how to engage with the police and other supporting organisations.

We are thrilled to share that WatchGuard Endpoint Security Solutions has achieved outstanding results in the December 2024 PassMark Performance Benchmark Report, reinforcing our commitment to delivering top-tier security with minimal impact on system performance. PassMark, a trusted third-party benchmarking authority, evaluated the performance impact of 10 leading endpoint security solutions in enterprise environments, assessing them across 9 key performance metrics, including.