Measuring the Effectiveness of Cyber Security GRC

Cyber security governance, risk, and compliance (GRC) programs are often viewed as cumbersome: a necessary yet costly component of doing business, providing very little value to the organization in terms of strategic impact. This narrow perception, unfortunately, limits the plethora of opportunities that a robust cyber security GRC framework would otherwise unlock.

The Elonephant in the Room - The 443 Podcast - Episode 320

This week on the podcast, we cover a video game that delivered malware through the Steam marketplace before diving into an analysis of a recent Palo Alto authentication bypass vulnerability. We end the podcast by covering the recent activity from the Department of Government Efficiency (DOGE) and the security impact to US federal agencies. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

Web Application Penetration Testing

Web application penetration testing involves performing a simulated attack on a web app to determine weaknesses that hackers can exploit. The testing process uses emulations of real-world attacks to identify hidden weaknesses that enable attacks such as SQL injection, cross-site scripting (XSS), or cross-site request forgery (CSRF). What is the worst that could happen if you don’t continuously test your web application for vulnerabilities?

Advanced Ransomware Evasion Techniques in 2025

Ransomware has become more than a threat—it's a calculated assault on industries, wielding AI-driven precision to bypass traditional defenses. Attackers adapt faster than ever, turning cybersecurity into a high-stakes race where falling behind isn't an option. As we step into 2025, organizations face an urgent need to outthink and outmaneuver these evolving adversarial attacks.

The Rise of APIs: Data Integration & Microservices #APIGrowth #Microservices #DataIntegration

APIs are growing exponentially due to data integration and microservices architecture, but this expansion increases security risks. As companies scale, so does the API attack surface. Learn how to secure your APIs in an era of rapid growth.

How does DORA impact UK entities: Key implications to consider

The Digital Operations Resilience Act (DORA) is a new regulation aimed at improving the cybersecurity and operational stability of the EU's financial sector, especially regarding risks related to information and communications technology (ICT). It applies to organizations in the financial industry, requiring them to reassess and adapt their security posture to DORA’s stringent requirements.

Phishing for Love: A Sharp Surge in Valentine's Day-Themed Scams

This Valentine’s Day, Cupid wasn’t the only one taking aim. Our Threat Research team noted a 34.8% increase in Valentine-related threat traffic in comparison to February of 2024. Leveraging impersonation and social engineering techniques, attackers have used a seasonal event to exploit heightened emotions and a sense of urgency, effectively increasing the likelihood of success in their phishing campaigns.

How AI Test Agent autonomously finds bugs

A few weeks ago, we introduced Spark, an AI Test Agent that autonomously uncovers bugs in unknown code with just a single command. Watch the video to see how Spark generated 3 successful fuzz tests, identified a severe vulnerability, and achieved 79% code coverage with just one command. Spark has already identified several real-world vulnerabilities in open-source projects, even those that are continuously fuzzed.

HIPAA-Compliant Slack Alternative: Secure, Efficient, and Built for Healthcare Teams

If you're in the healthcare industry, you already know the drill: data security isn't just important, it's non-negotiable. HIPAA compliance isn't a nice-to-have; it's the law. And when it comes to team communication, you need a Slack alternative that doesn't just promise security but actually delivers. Because let's face it: Slack? No bueno for HIPAA.