Cybercriminals Use Google Looker Studio to Host Crypto Scam to Steal Money and Credentials

Security researchers at Check Point have discovered yet another attack that leverages legitimate web applications to host attacks in order to bypass security scanners. One of the easiest ways for a security solution to spot a phishing attack is to evaluate the webpage a malicious link takes the recipient to.

Organizations Starting to Understand the Impact of Ransomware, But Their Efforts Not Enough to Overcome Infostealer Malware

Recent findings in a SpyCloud report shows companies are starting to recognize and shift their priorities to defend against ransomware attacks, but the use of infostealer malware still has a high success rate for cybercriminals. According to SpyCloud's analysis, 76% of infections that preceded these ransomware events involved Raccoon infostealer malware.

New Wave of Hospitality Phishing Attacks: Compromise User Credentials, Then Go Phish

The hospitality sector is seeing a new wave of phishing attacks. These new attacks are more plausible because they begin with compromised credentials and move to fraudulent emails sent from within a trusted network. The compromised systems are legitimate booking sites; the victims are the guests. Akamai, which has described the trend, outlines a three-step attack chain.

The National Student Clearinghouse Breach Exposed Millions of Students

The National Student Clearinghouse is a research facility that gathers data on students from approximately 22,000 high schools and more than 3,600 different colleges. Between all these schools throughout the United States, approximately 97% of the total student population is enrolled in the National Student Clearinghouse. That means the information for most students is on file with the organization.

Ensuring Compliance in an Ever-Evolving Cloud Security Landscape

According to CSO the fines incurred for data breaches or non-compliance with security and privacy laws, for only a handful of companies, has cost $4.4 billion. The global average cost of a data breach in 2023 was $4.45 million, a 15% increase over 3 years (IBM). The challenge for organizations is how to safeguard sensitive information while adhering to the law, but without compromising innovation. Cyber threats loom large, affecting businesses in every industry.

Secrets Management Best Practices: Secure Cloud-native Development Series

Build secure cloud-native applications by avoiding the top five security pitfalls we lay out in our Secure Cloud-native Development Series. This blog is the fifth and final part of the series, and it will teach you to handle credentials and secrets management best practices for securing cloud-native applications. Every organization has their way of managing credentials. In the past, with legacy application architectures, this was a bit more manual and arduous.

Ensuring vendor integrity: Why the cloud shouldn't be your only backup

As a senior consultant I deal with customers across numerous industries and maturity levels. I am often engaged in conducting risk assessments or gap analysis aligned with common frameworks such as the National Institute for Standards and Technology’s (NIST) Cybersecurity Framework (CSF). Most, if not all, the frameworks have a few controls that focus on the organization’s backup processes and disaster recovery plans.