Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Researchers at Pindrop have published a report looking at consumer interactions with AI-generated deepfakes and voice clones. “Consumers are most likely to encounter deepfakes and voice clones on social media,” the researchers write. “The top four responses for both categories were YouTube, TikTok, Instagram, and Facebook. You will note the bias toward video on these platforms as YouTube and TikTok encounters were materially higher.

Social engineering in its many forms took center stage in Q3 2023. The quarter saw “human hacking” evolve from a long-standing security challenge to threat actors’ method of choice. This was evidenced by our observations of the dramatic escalation of social engineering tactics, with significant increases in phishing, smishing, valid accounts, voice phishing and other tactics—adding up to the highest volume of incidents we have seen in 2023.

The SecOps Cloud Platform (SCP) is LimaCharlie’s vision for the future of cybersecurity. The SCP delivers core cybersecurity capabilities and infrastructure API-first, on-demand, and pay-per-use. It’s a paradigm shift similar to what the IT public cloud did for IT—but for cybersecurity. The SCP model benefits nearly everyone working in security today, from large organizations and enterprise security teams to managed service providers and SMBs.

Across the globe, the financial services sector is affected by increased security regulations. To name a few, there is the United States’ Executive Order on Improving the Nation’s Cybersecurity, the European Union’s NIS2 Directive, the SEC’s new rules on disclosures, and ISO 20022.

The annual holiday shopping season is poised for a surge in spending, a fact well-known to retailers, consumers, and cybercriminals alike. The latter group, however, is poised to exploit any vulnerabilities they can find to pilfer valuable consumer and business data. Unlike holiday shoppers flocking to stores or browsing online during Black Friday and Cyber Monday, these adversaries don't adhere to a seasonal schedule.

In a supply chain attack, hackers aim to breach a target's defenses by exploiting vulnerabilities in third-party companies. These attacks typically follow one of two paths. The first involves targeting a service provider or contractor, often a smaller entity with less robust security. The second path targets software developers, embedding malicious code into their products. This code, masquerading as a legitimate update, may later infiltrate the IT systems of customers.

You have kicked-off your annual application security assessment, but by the time the final report comes in, so have a bunch of new features from your developers. Since your pen test report can’t keep-up with your modern development cycles, it is now (and always) obsolete. You can check-off your compliance checkbox, but you’re not anymore secure than you were before. If this sounds familiar, it is clearly time for an update.

The zero trust security approach has gained traction for its effectiveness in improving organizations’ resilience against emerging cyber threats. In this article, we outline five up-to-date statistical facts which make the case for zero trust. You will also learn five simple steps to start implementing zero trust architecture without major investments.

In the ever-evolving landscape of cybersecurity, having a robust and efficient security information and event management (SIEM) system is crucial. One powerful solution that has gained significant traction is the Elastic® integration with Amazon Security Lake. This integration not only facilitates the collection of security-related log and event data, but also empowers organizations to analyze and understand their security posture comprehensively.

If you’re responsible for creating a Web Application Firewall (WAF) rule, you’ll almost certainly need to reference a large list of potential values that each field can have. And having to manually manage and enter all those fields, for numerous WAF rules, would be a guaranteed headache.