When most people think of threat hunting, they think of uncovering unknown threats. Would you believe me if I told you that is only ONE of many (better) reasons to show value with threat hunting? The PEAK Threat Hunting Framework incorporates three distinct hunt types: hypothesis-driven, baseline and model-assisted threat hunts. Each hunt type follows a three-stage process: Prepare, Execute, and Act.

The Securities and Exchange Commission (SEC) has introduced a new rule for public companies that requires them to be more transparent about cybersecurity incidents. The new rule requires companies to disclose any material cybersecurity incidents within four business days of that determination. The disclosure should describe the material aspects of the incident, including the nature of the incident, the impact on the company, and the company's response.

Anyone who has played a Tower Defense-style game, (Plants Vs. Zombies being a favourite) knows the only way to hold off the hoard of brain-eating zombies is to know your weaknesses before the next wave attacks and to plan accordingly. Oddly, preparing a cybersecurity defense is somewhat similar: the player/organization knows attacks are coming, they have an idea from where and how they will be conducted, and they need to place the proper pieces on the board at the right place to stay safe.

The European Union introduced the EU Cybersecurity Act to boost cybersecurity measures and cyber resilience across EU member states. With a digitally connected Union, having consistent regulations for cybersecurity measures across member states is vital in protecting against cyber attacks.

Callback phishing isn't your typical email scam. Instead of the usual suspects with bad grammar and obvious malicious links, these attacks play mind games. They set up a multi-layered trap using some smooth-talking tactics to get you to dial a fake number and spill your sensitive info.

DuoLingo is a massive language learning service that provides lessons to more than 74 million users around the world. The service offers short language lessons via a set of apps and is designed to help users learn new languages. Duolingo doesn't store a huge amount of information about its users, but it does have enough data on its users for it to be problematic if the information is lost.

Whenever an organization outsources part of its business process to an outside party, it introduces various risks to the primary organization. Third-party risk management refers to how organizations address and mitigate security risks across their entire library of vendors and suppliers. Unfortunately, third-party risk exposure can be difficult to manage and comes with many challenges organizations must address for an effective third-party risk management program.

Dell disclosed a Compellent vulnerability affecting VMware users. Let's take a closer look to learn to safeguard your data, prevent coding mishaps, and ensure online security.

The Keeper team had an amazing time at the 2023 Black Hat security conference in Las Vegas. We met with partners, prospects, friends, vendors, and of course, our incredible customers. Over the span of two days we talked to thousands of people and collected valuable data on a number of critical topics. In fact, we generated a mountain of data about what cybersecurity professionals want from password and privileged access management solutions.

Data breaches are quickly becoming one of the most damaging crimes committed today and one of the most common. Hackers are stealing valuable information from organizations at a rapidly growing rate, which means your data isn't safe for anyone. Major companies like Tesla, M&T Bank, and Duolingo were all hit by breaches this week, as well as Missouri Medicaid, the University of Missouri, and UMass Chan Medical School.