Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The main difference between passkeys and 2FA is that passkeys completely remove the need for individuals to enter a password, whereas 2FA enhances the security of an account by requiring an additional method of authentication in addition to a traditional username and password. Continue reading to learn more about the differences and similarities between passkeys and 2FA, and which is more secure.

Mobile devices have made it possible for employees to work and communicate from just about anywhere. But that convenience comes at a price. The rise of mobile devices and the rise of mobile security threats have gone hand-in-hand. Mobile devices like phones, tablets, and ChromeOS devices present an incredible vector for phishing, social engineering, and malware distribution—and threat actors are keenly aware of that fact.

Responding rapidly to cyber threats is a make-or-break capability in today’s high-stakes security environment. A missed alert can quickly escalate a minor incident into a major crisis, jeopardizing your organization’s critical assets and hard-earned reputation. A recent IBM study revealed that companies took an average of 237 days to identify a data breach in 2021 — an inexcusable delay that could invite catastrophic consequences. (Source: IBM Cost of a Data Breach Report 2022)

The latest Salt Security State of API Security Report is out now, and we’re thrilled to give a little sneak peek of its contents. As we have done in previous years, the State of API Security Report is assembled from survey responses and empirical data from Salt customers. This report includes the special addition of the “in the wild” API vulnerability research, much like last year’s report did, to give deeper insight into API concerns in real-world situations.

October is rapidly approaching, and that means new cybersecurity regulations known as NIS2 are set to be enacted by European Union (EU) member states. States are required to publish their local version of the NIS2 Directive into law by the 17th of October. Whilst many countries are well on track, however, some have already acknowledged they will not meet the deadline. This delay leaves organisations somewhat in the dark as to what they will need to comply with and by when.

Knowledge is power. Especially in the hands of your competitors. Information about your company, its products and services, finances, sales, and marketing strategy is a weapon in the ruthless world of espionage in business. That’s why it’s important to ensure that your organization’s data is well-protected. In this article, we reveal the meaning of corporate espionage and explain how to prevent industrial espionage.

The Digital Operational Resilience Act(DORA), introduced by the European Union, will come into effect in the financial sector from January 2025. Its purpose is to establish a comprehensive regulatory framework to assist financial institutions in effectively addressing and managing cybersecurity threats. DORA will have a significant impact not only on the financial industry but also on its IT service providers.

The need for the Development of Online Reliable Sources (DORA) arises from the increasing concern over the spread of misinformation on the internet. DORA aims to promote fact-checking and address the detrimental effects of fake news in today's society. In recent years, the proliferation of fake news has had a profound negative impact on individuals and communities alike. False information spreads rapidly, causing confusion, division, and mistrust among people.

At the end of May 2024, the largest ever operation against botnets, dubbed Operation Endgame, targeted several botnets including IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee, and Trickbot. This operation significantly impacted the botnets by compromising their operations and shutting down their infrastructure. Although Latrodectus was not mentioned in the operation, it was also affected and its infrastructure went offline.