%term

How to Secure AI and Protect Patient Data Leaks

Jan 9, 2025 By Amar Kanagaraj In Protecto

AI systems bring transformative capabilities to industries like healthcare but introduce unique challenges in protecting patient data. Unlike traditional applications, AI systems rely on conversational interfaces and large datasets to train, test, and optimize performance, often including sensitive patient information. AI systems pose complex risks to patient data privacy and AI data security that cannot be effectively managed using traditional methods.

Read Post

Protecto

Read more about How to Secure AI and Protect Patient Data Leaks

Demystifying Docker: Understanding and Optimizing Your Images

Jan 9, 2025 By Thomas Forbes In GitGuardian

Everything you were too afraid to ask about Docker, containers, and their fundamental building blocks: layers. Understanding how layers work naturally leads to a more efficient method of packing images, ultimately speeding up your deployments.

Read Post

GitGuardian

Read more about Demystifying Docker: Understanding and Optimizing Your Images

Malicious WordPress Plugin Assists in Phishing Attacks

Jan 9, 2025 By Stu Sjouwerman In KnowBe4

Researchers at SlashNext warn that cybercriminals are using a WordPress plugin called “PhishWP” to spoof payment pages and steal financial information. The spoofed pages are designed to steal payment card numbers, expiration dates, CVVs, and billing addresses. The plugin can also intercept one-time passwords generated to secure the transactions. The stolen data is immediately sent to the crooks via Telegram as soon as the victim hits “enter” on the phishing page.

Read Post

KnowBe4

Read more about Malicious WordPress Plugin Assists in Phishing Attacks

OWASP Top 10 Non-Human Identity Risks for 2025: What You Need to Know

Jan 9, 2025 By Dwayne McDaniel In GitGuardian

Learn about OWASP’s newest focus on Non-Human Identities and how to mitigate risks like secret leakage, overprivileged NHIs, and insecure authentication with GitGuardian.

Read Post

GitGuardian

Read more about OWASP Top 10 Non-Human Identity Risks for 2025: What You Need to Know

Phishing Campaign Abuses Legitimate Services to Send PayPal Requests

Jan 9, 2025 By Stu Sjouwerman In KnowBe4

A phishing campaign is abusing Microsoft 365 test domains to send legitimate payment requests from PayPal, according to Fortinet’s CISO Dr. Carl Windsor. Windsor found that the threat actor registered a free MS365 test domain and used it to create a distribution list containing targets’ email addresses. The scammer then used this distribution list to send payment requests via PayPal’s web portal.

Read Post

KnowBe4

Read more about Phishing Campaign Abuses Legitimate Services to Send PayPal Requests

Signing the CISA Secure by Design Pledge

Jan 9, 2025 By Matt Muller In Tines

Today, I’m thrilled to announce that Tines has formally signed CISA’s Secure by Design pledge. Since our founding, we have been guided by the fundamental belief that secure software is security software, and that our customers shouldn’t need to make a tradeoff between adding valuable automation capabilities or reducing their attack surface.

Read Post

Tines

Read more about Signing the CISA Secure by Design Pledge

Top 10 Software Composition Analysis (SCA) tools in 2025

Jan 9, 2025 By Madeline Lawrence In Aikido

85% of the code that we use doesn’t come from our own code, it comes from our open-source components and dependencies. This means attackers can know your code better than you do! SCA tools are our best line of defense to keep our open-source supply chain secure. Software Composition Analysis (SCA) tools, also known as open-source dependency scanning, help us understand the risks we have in our open-source supply chain.

Read Post

Aikido

Read more about Top 10 Software Composition Analysis (SCA) tools in 2025

The Future of Payments Starts with Security: Act Today

Jan 9, 2025 By VISTA InfoSec In VISTA InfoSec

In today’s digital world, every swipe, click, and tap connects us—but it also comes with risks. Cybercriminals are constantly evolving, targeting payment systems and compromising financial security. A single breach can cost your business millions and erode customer trust forever. At VISTA InfoSec, we understand these challenges. That’s why we’re here to help you secure your payment systems with industry-leading solutions like PCI DSS compliance, SOC 2 audits, and advanced fraud detection tools.

View Video

VISTA InfoSec

Read more about The Future of Payments Starts with Security: Act Today

Stop Buying Tools You Don't Use

Jan 9, 2025 By Razorthorn In Razorthorn

Why are organisations wasting budgets on tools they don't implement properly? Discover the value of hiring InfoSec strategists to optimise cybersecurity spending.

View Video

Razorthorn

Security

Read more about Stop Buying Tools You Don't Use

A CISO's View on Building an API Security Program in 2025

Jan 9, 2025 By Wallarm In Wallarm

As we enter the new year, the API security landscape continues to evolve. The volume and complexity of APIs attacks has increased. CISOs and security teams should evaluate their current tools and programs for changes. In this webinar, we bring together CISOs to discuss what changes and threats should be considered in API security programs for the new year. Together, we’ll examine and discuss.

View Video