Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

There are several different types of spyware, such as adware, stalkerware and keyloggers. No matter what kind of spyware is installed on your device, it is frightening to have your privacy invaded and sensitive information stolen by cybercriminals. Read more to learn what spyware is, the different types of spyware and how to protect your devices from spyware.

The events of Friday the 19th 2024 had a profound impact on organizations around the globe. I suppose a widespread global IT outage has a way of clarifying the mind—and IT leaders are recognizing that resilience is crucial for maintaining operations for their consumers, customers, staff, partners, and shareholders. But much of the post-mortem analysis seems to be misunderstanding key lessons from the outage.

As we continue our Summer School blog series, let's focus on a vital aspect of modern application security: the relationship between API posture governance, API security, and the constantly changing regulatory compliance landscape. In today's interconnected world, where APIs are crucial for digital interactions, organizations are challenged with securing their APIs while complying with complex regulations designed to protect sensitive data and critical infrastructure.

Effectively acting as an invisible shield, the inner workings of IoT security are often taken for granted. However, we can focus and shine a light on the protocols and practices that provide the foundation of IoT security to help others see how these efficiently operate behind the scenes to protect complex networks of interconnected devices.

New analysis of Q2 threats shows a consistent pattern of behavior on the part of threat actors and threat groups, providing organizations with a clear path to protect themselves. It’s every cybersecurity professionals’ worry; whether the security controls they’ve put in place will actually stop attacks.

Threat actors are increasingly tailoring their attacks to target social media apps and smartphone users, according to a new report from the Anti-Phishing Working Group (APWG). As email security technologies improve, scammers are turning to social media apps, text messages, and voice calls to conduct social engineering attacks.

The traditional financial industry is saddled with multiple pain points, and I predict that within 15 years, many financial and payment systems will be replaced by a wholesale shift to digital assets. Businesses want to achieve their goals by trading faster, conducting payments faster, cutting expenses, and doing it in a simpler and more secure way.

In the ever-evolving landscape of IT services, channel partners like service providers, managed service providers (MSPs), and telecommunications companies have long played a crucial role in delivering enterprise networking and security solutions. However, a subtle yet powerful shift is emerging that threatens to disrupt this status quo. Single-vendor SASE (Secure Access Service Edge) solutions are rapidly gaining traction and quietly reshaping the competitive landscape.

Xeon Sender targets cloud APIs, Cisco Talos reveals UAT-5394 infrastructure, and attackers leverage public.env files to extort victims.

As financial services companies, such as banks, hedge funds, and stock exchanges, move to the cloud, sensitive data often unintentionally moves with them. To help avoid costly breaches and address governance, risk, and compliance (GRC) requirements such as PCI-DSS, GDPR, and SOC 2, these organizations may need to identify where in the cloud sensitive data can leak and be able to redact it at scale.