The Human Factor: Redefining Cybersecurity In The Age Of AI

The Human Factor: Redefining Cybersecurity In The Age Of AI

With 74% of breaches starting with people, securing the human layer is cybersecurity’s most urgent … More priority. getty It is a common mantra in cybersecurity that humans are the weakest link. It’s a notion I often push back on, because it is generally used as a sort of tacit excuse for why cybersecurity tools or processes fail, but there is also an element of truth to it. One of the key takeaways from Verizon’s…

Read More

Patch Tuesday: Microsoft Fixes 57 Security Flaws

Patch Tuesday: Microsoft Fixes 57 Security Flaws

Image: Microsoft News Microsoft just dropped its March 2025 Patch Tuesday update, which includes 57 fixes though closer to 70 with third-party vulnerabilities included. The update addresses some critical security issues that require immediate attention, including the following six zero-day vulnerabilities that hackers are actively exploiting. CVE-2025-26633: A security hole in Microsoft Management Console that lets hackers bypass normal protections. They typically trick you into opening a specially designed file or website through email or…

Read More

Data Theft Drove 94% of Cyberattacks in 2024

Data Theft Drove 94% of Cyberattacks in 2024

Data theft accounted for 94% of all cyber attacks worldwide in 2024, according to new research, as cybercriminals increasingly combine data exfiltration with encryption in ransomware campaigns. Beyond encryption, ransomware attackers now threaten to leak or sell a company’s data on the dark web if victims refuse to pay. Stolen information often includes personally identifiable data and proprietary intellectual property. The findings come from BlackFog’s 2024 Ransomware Trend Report, which analysed ransomware activity across hundreds…

Read More

Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains

Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains

Threat actors are increasingly targeting trusted business platforms such as Dropbox, SharePoint, and QuickBooks in their phishing email campaigns and leveraging legitimate domains to bypass security measures, a new report released today has found. By embedding sender addresses or payload links within legitimate domains, attackers evade traditional detection methods and deceive unsuspecting users. According to Darktrace’s Annual Threat Report 2024, the authors detected more than 30.4 million phishing emails, reinforcing phishing as the preferred attack…

Read More

CISA Adds Four Vulnerabilities to Catalog for Federal Enterprise

CISA Adds Four Vulnerabilities to Catalog for Federal Enterprise

Welcome. Tell us a little bit about you. This will help us provide you with customized content. First Name Last Name Job Title Company Name Company Size Select a size 1 – 4 5 – 9 10 – 24 25 – 49 50 – 99 100 – 249 250 – 499 500 – 999 1000 – 4999 5000 – 9999 9999+ Industry Select an industry Advertising, Public Relations, and Marketing Aerospace and Aviation Agriculture and…

Read More

Microsoft Will Remove the Free VPN That Comes With Windows Defender

Microsoft Will Remove the Free VPN That Comes With Windows Defender

As of Feb. 28, Microsoft Defender customers will lose access to the VPN that came with the subscription. Billed as “the privacy protection feature,” the VPN included in the subscription isolated Microsoft 365 applications for additional security. It was released in 2023. Why did Microsoft remove the VPN feature? “Our goal is to ensure you, and your family remain safer online,” an anonymous Microsoft employee wrote in the end-of-support notification. “We routinely evaluate the usage…

Read More

DeepSeek Chatbot Beats OpenAI on App Store Leaderboard

DeepSeek Chatbot Beats OpenAI on App Store Leaderboard

Over the weekend, Chinese AI company DeepSeek released an AI chat app including a “reasoning” AI model comparable to OpenAI’s o1, causing a stir among American AI companies as DeepSeek rose to the top of Apple’s App Store. DeepSeek is a Hangzhou, China-based company providing generative AI models and AI integration. Its first products to make waves in the American market are the GPT-4-like DeepSeek-V3 and R1, an advanced “reasoning model.” Like ChatGPT, DeepSeek-V3 and…

Read More

Sneaky Log Phishing Scheme Targets Two-Factor Security

Sneaky Log Phishing Scheme Targets Two-Factor Security

Security researchers at French firm Sekoia detected a new phishing-as-a-service kit targeting Microsoft 365 accounts in December 2024, the company announced on Jan. 16. The kit, called Sneaky 2FA, was distributed through Telegram by the threat actor service Sneaky Log. It is associated with about 100 domains and has been active since at least October 2024. Sneaky 2FA is an adversary-in-the-middle attack, meaning it intercepts information sent between two devices: in this case, a device…

Read More

Patch Tuesday: Microsoft’s January 2025 Security Update Patches Exploited Elevation of Privilege Attacks

Patch Tuesday: Microsoft’s January 2025 Security Update Patches Exploited Elevation of Privilege Attacks

Microsoft’s latest batch of security patches includes an expanded blacklist for certain Windows Kernel Vulnerable Drivers and fixes for several elevations of privilege vulnerabilities. The January 2025 Security Update addressed 159 vulnerabilities. Security patches should be applied to keep software up-to-date. However, early versions of patches may be unreliable and should be cautiously approached and deployed in test environments first. 1 Pipedrive CRM Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999),…

Read More

What Is Patch Tuesday? Microsoft's Monthly Update Explained

What Is Patch Tuesday? Microsoft's Monthly Update Explained

On the second Tuesday of each month, Microsoft and other tech companies release patches for consumer and enterprise users. These updates, including bug fixes and security enhancements from the previous month, are known as “Patch Tuesday.” The monthly update is an important opportunity to ensure that security features and applications are up to date. Microsoft details the official Patch Tuesday release in their Security Update Guide. Below, TechRepublic explores its purpose, how it works, and…

Read More
1 2 3 7