A recent campaign, unearthed by researchers at INKY, is the latest example of exploitation of a legitimate cloud service. The campaign impersonates the U.S. Small Business Administration (SBA), targeting small businesses that are unaware of the fact that the SBA recently stopped accepting applications for COVID-19 relief loans or grants. The element that makes this campaign stand out from the others is the exploitation of a well-known and familiar cloud service to host the phishing page: Google Forms.

Homomorphic encryption brings a whole new paradigm to encrypting data. In this article, I’ll explain homomorphic encryption, including.

Of the many lessons that can be learned from how the Optus data breach was handled, one stands out - Australia’s privacy laws are not equipped to support Aussie data breach victims. To change this, the Australian Government is amending its Telecommunications Regulations 2021 Act. APRA-regulated financial entities can now be involved in efforts to mitigate financial fraud following a data breach.

CrowdStrike Falcon OverWatch™ threat hunters frequently uncover security testing activity in the course of routine hunting. While much of this activity can be confidently attributed to planned and sanctioned testing, OverWatch is always careful not to discount a threat on the basis that it looks like a test. Some of the more stealthy adversaries will attempt to evade detection by mimicking or using tools and techniques commonly used by security testers.

Phishing hackers have struck again; this time, US retail brand, Bed, Bath & Beyond has fallen prey to the attack. Only a few details are available to the broader public; however, there is much more than meets the eye.

The problem of securing the modern workforce goes beyond occasional spats between IT and security. The real problems we see are user credentials under constant attack, alongside attempts to harvest and exploit enterprise data. Plus the cloud resources that workforces need are tough to secure, especially when deployed outside of IT-led processes. In light of these issues, corporations need a way to securely provide always-on cloud access for users while safeguarding enterprise data anywhere it goes.

During our sixth-annual user conference, Illuminate, Dave Frampton, General Manager of the security business at Sumo Logic, hosted a panel discussion with Yaron Levi, CISO of Dolby, and Tyson Martin, member of the CISO group at AWS, about the challenges and opportunities of securing modern applications. These are the key takeaways from that conversation..

The Optus data breach was the second-largest data breach in Australia. 9.8 million current and former Optus customers were impacted by the event, with 2.1 million suffering compromises of highly-sensitive government identification information, like driver’s license numbers and passport numbers. In other words, this single cybersecurity incident has placed almost half of the Australian population at risk of identity theft scams and financial fraud.

As an entrepreneur, you're well aware of how devastating ransomware attacks can be. And as the frequency and magnitude of such attacks are constantly on the rise, devising a formidable plan to protect your startup from a ransomware attack is imperative. According to CrowdStrike 2022 Global Threat Report, there has been an 82% YoY increase in ransomware-related data leaks in 2021. What's more? According to Statista, there were 623.3 million ransomware attacks worldwide in 2021.

Cloud misconfigurations can cause devastating financial and reputational damage to organizations. Yet, such undesirable circumstances can be avoided by understanding the common misconfiguration errors and mitigating them before malicious actors can exploit them. Ava Chawla, AlgoSec’s Global Head of Security provides some valuable insights on cloud misconfigurations and offers useful tips on how to avoid them.