Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

What are AI Phishing Attacks? AI phishing attacks, also known as AI-powered phishing or AI-driven phishing, are sophisticated cyberattacks that leverage artificial intelligence and machine learning algorithms to craft and execute highly convincing phishing attempts. These attacks are designed to deceive individuals or employees into divulging sensitive information, such as login credentials, financial details, or personal data. How Do AI Phishing Attacks Work?

Build secure cloud-native applications by avoiding the top five security pitfalls we lay out in our Secure Cloud-native Development Series. This blog is the fifth and final part of the series, and it will teach you to handle credentials and secrets management best practices for securing cloud-native applications. Every organization has their way of managing credentials. In the past, with legacy application architectures, this was a bit more manual and arduous.

According to CSO the fines incurred for data breaches or non-compliance with security and privacy laws, for only a handful of companies, has cost $4.4 billion. The global average cost of a data breach in 2023 was $4.45 million, a 15% increase over 3 years (IBM). The challenge for organizations is how to safeguard sensitive information while adhering to the law, but without compromising innovation. Cyber threats loom large, affecting businesses in every industry.

In the dynamic landscape of modern web applications and organizations, access control is critical. Defining who can do what within your Cloudflare account ensures security and efficient workflow management.

As a senior consultant I deal with customers across numerous industries and maturity levels. I am often engaged in conducting risk assessments or gap analysis aligned with common frameworks such as the National Institute for Standards and Technology’s (NIST) Cybersecurity Framework (CSF). Most, if not all, the frameworks have a few controls that focus on the organization’s backup processes and disaster recovery plans.

Welcome to the 10th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API9:2023 Improper Inventory Management. In this series we are taking an in-depth look at each category – the details, the impact and what you can do about it.

Large language models like OpenAI’s GPT, Anthropic’s Claude, and Google’s Gemini have changed the way businesses process and transmit sensitive data. LLMs boosted productivity and enhanced customer experience like never before, triggering unprecedented adoption across enterprises. Amidst all the rush and excitement, the negative impacts were overlooked and swept under the carpet – till it became a privacy and compliance issue.

A typo is one of those common mistakes with unpredictable results when it comes to the Internet’s domain names (DNS). In this blog post we’re going to analyze traffic for exmaple.com, and see how a very simple human error ends up creating unintentional traffic on the Internet. Cloudflare has owned exmaple.com for a few years now, but don’t confuse it with example.com!

Sitting at your desk, coding away with another cup of your favorite caffeine-infused beverage, you might be thinking to yourself, “it’s true what they say about no rest for the weary.” If you’re developing an app or architecting a cloud-native system, you can actually get the REST you need with the right Application Programming Interface (API). REST APIs provide a scalable, flexible, easy-to-use interface that makes developing and connecting web apps easier.