Phishing-as-a-Service: As Simple As Uploading A Logo

Researchers at Fortra are tracking “Strox,” one of the most popular phishing operations of the past two years. Users of Strox phishing kits can easily create phishing campaigns by simply submitting a logo for the brand they want to impersonate. “Currently, twelve phishing kits are sold on Strox for $90 USD each.

EP 38 - Why Cloud Security Doesn't Taste Like Chicken

Today’s guest is Charles Chu, CyberArk’s General Manager of Cloud Security, who’s spent more than a decade at the forefront of cloud security. Chu joins host David Puner for a conversation that delves into secure cloud access and the concept of zero standing privileges (ZSP), a dynamic approach to securing identities in multi-cloud environments.

Another Medical Information Breach Out of Chicago, Notifications Begin

Chicago’s health providers are prime targets for opportunistic hackers; Cook County Health is the most recently discovered victim of a cyber assault. Assailants took advantage of a third-party medical transcription service Perry Johnson & Associates, Inc. (PJ&A) provided. The attack targeted PJ&A’s systems, resulting in the exposure of numerous patient records. If hackers accessed your information during the breach, there’s still time to protect yourself.

The PoP Smackdown: Cato vs. Competitors...Which Will Dominate Your Network?

In the world of professional wrestling, one thing separates the legends from the rest: their presence in the ring. Like in wrestling, the digital world demands a robust and reliable presence for the ultimate victory. Enter Cato Networks, the undisputed champion regarding Secure Access Service Edge (SASE) Points of Presence (PoPs).

The easiest ways to create, test and deploy security policies for EKS clusters

Amazon’s Elastic Kubernetes Service (EKS) is a popular managed Kubernetes option that allows customers to benefit from both an offloaded Kubernetes management plane, and the wide range of services that AWS offers. Managed or unmanaged, securing cluster traffic is always critical and, although AWS Security Groups can secure the cluster nodes, securing pod traffic requires something closer to the application data-path.

What We Learned from the 2023 Annual Cybersecurity Attitudes and Behaviors Report

In the brisk air of early autumn, optimism fills our hearts as we celebrate the 20th anniversary of Cybersecurity Awareness Month, an annual event dedicated to fostering a deeper understanding of cybersecurity and inspiring behavior change. Two decades ago, the prevailing belief among security professionals was that raising awareness alone could lead to secure online behaviors. But in 2023, we've learned that hope is not a strategy.

Ransomware's Impact on Cyber Insurance Strategies

In this discussion, we shed light on how insurance companies manage risks when insuring multiple businesses for the same potential threats. We explore the statistical balancing act they perform to ensure they can handle a few isolated issues without facing a widespread crisis. Dive into the intriguing world of insurance practices in the face of rising threats like ransomware attacks. Discover the unsettling dynamics where some ransomware groups tailor their demands based on your insurance coverage. It's a revealing look at the intricate strategies within the insurance industry.

Ex-Navy IT manager jailed for selling people's data on the dark web

A former US Navy IT manager has been sentenced to five years and five months in prison after illegally hacking a database containing personally identifiable information (PII) and selling it on the dark web. 32-year-old Marquis Cooper, of Selma, California, was a chief petty officer in the US Navy's Seventh Fleet when he opened an account in August 2018 with a company that maintains a PII database for millions of people.