Is the UK government prepared for its greatest threat?
Jen Easterly, the director of the US Cybersecurity and Infrastructure Security Agency (CISA), has warned the UK government that they could be the victim of a 9/11-style …
Evolving online habits have paved the way for fraud. What can we do about it?
Information is power, and personally identifiable information (PII) is an extremely powerful asset that is fueling the rapid growth of online fraud (also known as the Digital …
Detection, isolation, and negotiation: Improving your ransomware preparedness and response
The risks presented by ransomware and cyber extortion events have likely found a place in your own security team’s discussions, and rightfully so. Ransomware attacks have …
Cybercriminals use Azure Front Door in phishing attacks
Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in …
7 DevSecOps myths and how to overcome them
DevOps and security teams have long been at odds with each other over the software delivery pipeline. DevOps teams have historically viewed security teams as the “release …
How the blurring of the “supply chain” opens your doors to attackers—and how you can close them
There have been more than 200 dedicated supply chain attacks over the past decade. Some of these campaigns have affected countless supplier networks and millions of customers …
Board members and the C-suite need secure communication tools
Board members and the C-suite are key targets for cyber-threat actors, due to their access to highly sensitive information. Yet too many of them are putting their …
Criminal IP analysis report on zero-day vulnerability in Atlassian Confluence
According to Volexity, a webshell was discovered in Atlassian Confluence server during an incident response investigation. Volexity determined that it was a zero-day …
How financial institutions are improving customer experience with fraud prevention measures
Fraud is a persistent threat, and there’s no end in sight as the e-commerce landscape continues to evolve and the use of online payment platforms increases. According to one …
Zero trust adoption: Industry-specific challenges and implementation strategies
Organizations across many industries are in the throes of a journey to implement the zero trust security model to increase their cybersecurity posture. Through my experience …
Mind the gap: How to ensure your vulnerability detection methods are up to scratch
With global cyber crime costs expected to surge, it comes as little surprise that the risk of attack is companies’ biggest concern globally. To help businesses uncover and fix …
Once is never enough: The need for continuous penetration testing
If you Google “How often should I do penetration testing?”, the first answer that pops up is “once a year.” Indeed, even industry-leading standards like PCI-DSS dictate that …