Exabeam Research: AI Supercharges Insider Threats, Now Outpacing External Attacks
74% report AI is making insider threats more effective, and 53% expect insider threats to increase.
The MemcycoFM Show: Episode 13 - How 5 of the Biggest Retail ATO Attacks Could Have Been Stopped
Retailers have become prime targets for account takeover. Loyalty balances, stored cards, and digital wallets represent liquid assets, often guarded by weaker controls than financial accounts. Attackers exploit credential reuse, phishing infrastructure, and automation to scale these intrusions. Reported retail ATO cases in the UK rose 96% year over year (Action Fraud, 2023). The following five breaches illustrate how large brands across loyalty, e-commerce, and digital wallets were compromised, and how real-time, in-session defenses could have altered the trajectory.
New Homoglyph Phishing Campaign Impersonates Booking.com
Attackers are using a Japanese Unicode character to replace forward slashes in phishing URLs, BleepingComputer reports. The attacks impersonate Booking.com with phony emails that inform users of a new login to their account. “The attack, first spotted by security researcher JAMESWT, abuses the Japanese hiragana character “ん” (Unicode U+3093), which closely resembles the Latin letter sequence '/n' or '/~', at a quick glance in some fonts,” BleepingComputer explains.
CVE-2025-54253: Zero-Day Vulnerability in Adobe Experience Manager Forms
A critical zero-day (CVSS 10.0) in Adobe Experience Manager (AEM) Forms JEE 6.5.23.0 and earlier allows authentication bypass and remote code execution (RCE). AppTrana delivers immediate Day 0 protection with: Virtual patching before vendor fixes Continuous monitoring of exploit attempts 24×7 security team ensuring zero downtime With a public PoC already available, the risk is high. Apply the patch ASAP or protect instantly with AppTrana WAAP.
Modern Access Control in the Public Sector: A CISO's Perspective
Hear from Keeper Security’s Chief Information Security Officer, Shane Barney, for an exclusive, interview-style webinar addressing the most pressing questions around secrets management and Privileged Access Management (PAM) in today’s public sector IT landscape.
Where Infosec Compliance Really Fails
Here’s the issue: compliance gets bolted on instead of baked in. Point-in-time checks don’t reflect the day-to-day risk reality. And that’s where organisations fall down.
Phishing Attacks Target Brokerage Accounts to Manipulate Stock Prices
Professional phishing groups are targeting customers of brokerage firms in order to manipulate stock prices, KrebsOnSecurity reports. The attackers use a technique called “ramp and dump” to profit from the scheme. “With ramp and dump, the scammers do not need to rely on ginning up interest in the targeted stock on social media,” Krebs explains.
What is the Most Secure Way to Store Cryptocurrency?
Cryptocurrency is valuable only if you can access it. Watch this short video to learn how to secure your crypto and the ways Keeper can help.
Secure Web Gateway vs CASB: What Is the Difference?
Looking to understand the difference between a Secure Web Gateway (SWG) and a Cloud Access Security Broker (CASB) so you can make the right security investment? This blog breaks down how each technology works, its key business benefits, and provides a clear decision framework.
Warning: Social Engineering is a Growing Threat to the Industrial Sector
Social engineering attacks are a growing threat to operational technology (OT) environments, Industrial Cyber reports. Cyberattacks against these environments can be particularly damaging since they have the potential to cause physical disruptions.