CISA's Red Team Exercise Shows Value of Phishing, but Misses the Best Recommendation
Phishing is used to completely compromise the victim’s environment after other repeated methods failed.
What is a Brute Force Attack in Cybersecurity and How to Prevent it
In the world today, there is a plethora of critical data circulating the internet, leading to complex attacks like brute force attacks. Individuals who are after this data for the wrong purpose and who use brute force attacks to gain access to these data are called cyber attackers.
How to Evaluate Maintainability of Open Source Packages
Watch the full video for more...
78% of Organizations Are Targets of Ransomware Attacks Two or More Times in Twelve Months
New data puts the spotlight on the frequency and impact of modern ransomware attacks, highlighting the overconfidence organizations are showing in their ability to defend and respond to attacks. If you’re like one of the organizations surveyed in Halcyon’s latest Ransomware CISO Survey report, the findings were quite eye opening.
Crowdstrike Outage: Know Your Supply Chain
Knowing Your Supply Chain (KYSC) is becoming an increasingly important component of cyber resilience. Understanding the dependencies within your organization and those of your vendors is critical for responding to incidents effectively. Even the most reliable vendors and partners can experience issues. Today, a widespread outage impacted CrowdStrike Falcon, affecting the global supply chain.
What Is an Endpoint Protection Platform (EPP)?
An Endpoint Protection Platform is an endpoint security capability designed to protect systems from compromise by preventing malicious software from executing. It is important to understand that Endpoint Protection is often used in conjunction with Endpoint Detection and Response (EDR), however they are not synonymous. The primary purpose of an EDR solution is to record events as they occur while also providing a means of threat resolution.
The Top Cyber Attack Vectors Organizations Face
Recent research by Arctic Wolf has revealed that, within the last 12 months, 48% of organizations identified evidence of a successful breach within their environment. As The State of Cybersecurity: 2024 Trends Report highlights, “To fully understand the gravity of this statistic, it is important to understand that, although 48% of these environments found evidence of a data breach, that does not inversely mean that 52% of organizations did not suffer a breach.”
CrowdStrike Phishing Attacks Appear in Record Time
I have been the CEO of an anti-virus software developer. We had a special acronym for catastrophic events like this, a so-called "CEE". As in Company Extinction Event. Within hours of mass IT outages on Friday, a surge of new domains began appearing online, all sharing one common factor: the name CrowdStrike. As the company grapples with a global tech outage that has delayed flights and disrupted emergency services, opportunistic cybercriminals are quick to exploit the chaos.
Preparing for Cybersecurity Audits: Insights from US Regulations
Cybersecurity regulations often include audits that assess and strengthen an organization’s defenses against increasing cyber threats. In the United States, various cybersecurity regulations, including HIPAA, SOX, PCI DSS, and more, require audits. Each audit ensures your organization meets the required standards outlined in the regulation while also strengthening its overall cybersecurity framework.
A guide to the OWASP TOP 10 for large language model applications
Attackers are increasingly targeting vulnerabilities within large language models (LLMs) used to recognise and generate text. In response to the growing risk, the recently launched OWASP Top 10 for LLMs covers the key vulnerabilities within these types of AI applications. Read our guide to learn more about the most critical vulnerabilities and how to reduce AI security risks.