The FBI is set to report that ransomware was the most pervasive cybersecurity threat to US critical infrastructure during the year of 2024. As Reuters reports, complaints of ransomware attacks against critical sectors have jumped 9% over the previous year.

Scammers are exploiting the death of Pope Francis to launch social engineering attacks, according to researchers at Check Point. The researchers note that threat actors often take advantage of high-profile tragedies and crises to exploit victims’ emotions. “They typically begin with disinformation campaigns on social media platforms like Instagram, TikTok, or Facebook, uploading fake images generated by AI,” the researchers write.

In this week’s episode of The Future of Security Operations podcast, I'm joined by Josh Lemos, CISO at GitLab. Throughout his 15-year career in security, Josh has led teams at ServiceNow, Cylance, and Square. Known for his expertise in AI-driven security strategies, Josh is also a board member with HiddenLayer. He drives innovation at GitLab with a relentless focus on offensive security, identity management, and automation. Josh and I discuss.

Ever since Microsoft’s initial announcement on February 13, 2025, about a Russian nation-state phishing campaign using "device code phishing," many people have been wondering what it is. This post will tell you what device code phishing is and how to defend against it. Here are some other related reports involving the recently reported device code phishing attacks.

Data Loss Prevention (DLP) tools are crucial for protecting sensitive information as it moves within and outside an organization. They help prevent data leaks and unauthorized access by allowing organizations to monitor, control, and respond to potential data transfer risks. In this article, let’s learn more about how DLP tools play a vital role in secure data transfers.