threat landscape

Balancing Risk and Innovation – A CISO Perspective

Posted on by Admin
Balancing Risk and Innovation – A CISO Perspective

In this episode of The Security Podcasts featuring Jill Knesek, CISO of Blackline, and former FBI Special Agent in the Cyber Crime Squad, we talk about balancing risk & innovation from a CISO’s perspective. “The message I like to give is we can be both innovative and secure.,” Knesek says. “They’re not mutually exclusive, and they shouldn’t be. By shifting left and embedding strong security practices and controls earlier into our development lifecycle, we can…

Read More

Researchers discovered a new phishing kit on the dark web

Posted on by Admin
Researchers discovered a new phishing kit on the dark web

Researchers at SlashNext discovered a new phishing kit on the dark web. This phishing kit, known as FishXProxy Phishing Kit, starts with uniquely generated links that can evade initial suspicion. Cybercriminals on underground forums are advertising this kit as “The Ultimate Powerful Phishing Toolkit” due to the sophisticated tools it provides. Capabilities this phishing kit provides includes: Sophisticated antibot systems that utilize Cloudfare’s CAPTCHA and filter out security measures Redirection abilities that obscure intended destinations Page…

Read More

The new normal: How to embrace a cultural approach to zero trust

Posted on by Admin
The new normal: How to embrace a cultural approach to zero trust

Today’s bad actors are increasingly ruthless and hostile. With the threat landscape ever evolving, combating increasingly sophisticated attacks necessitates a shift in focus from tools to culture. As social engineering schemes and AI-driven threats ramp up, it becomes increasingly evident that a modern, successful cyber defense requires a comprehensive, holistic approach — one that accounts for technology principles alongside human awareness and behavior.   Cyber resilience can no longer be achieved by implementing new security…

Read More

Unleashing the potential of investigative techniques

Posted on by Admin
Unleashing the potential of investigative techniques

In the realm of executive protection, the necessity to expect and defuse potential threats is paramount. Whether tasked with safeguarding high-profile individuals, corporate leaders or dignitaries, professionals in this field must possess a versatile skill set that transcends mere physical security measures. Among the array of skills they carry, the skill to conduct thorough investigations emerges as a cornerstone in optimizing executive protection. Drawing inspiration from the realm of investigative work and armed with resources…

Read More

Ava Turner Leone | Women in Security 2024

Posted on by Admin
Ava Turner Leone | Women in Security 2024

Thriving in security When Ava Turner Leone first entered the workforce as an officer manager for an import customs brokerage firm, she couldn’t have imagined where her career would take her over the next 26 years. “Early on my career really was happenstance, it was completely kind of unplanned in terms of what direction that I was going, I didn’t know what I wanted to do or where I was headed,” Turner Leone says. Her…

Read More

AI arms race: Cybersecurity defenders in the age of evolving threats

Posted on by Admin
AI arms race: Cybersecurity defenders in the age of evolving threats

As web application cyberattacks surge, defenders are on the frontline of an ever-evolving battlefield. With adversaries leveraging artificial intelligence (AI) to sharpen their assaults, defenders face unprecedented challenges. However, AI isn’t just empowering attackers — it’s also emerging as a crucial ally for defenders. Organizations can use AI’s capabilities and implement strong security training to identify and neutralize threats.  Rest assured, the rise in web application attacks signifies a persistent shift rather than a passing…

Read More

Risk management and mobile devices

Posted on by Admin
Risk management and mobile devices

In this episode of The Security Podcasts featuring Jim Coyle, U.S. Public Sector Chief Technology Officer at Lookout, we discuss what organizations can do to manage mobile device risks. “A lot of the conversations that we have, most people are under the assumption that having a mobile device management — or some kind of management software on their mobile device — will stop all of these various different threats that we see today. Whether it’s…

Read More

Does GPT-4 risk accelerating cybercrime?

Posted on by Admin
Does GPT-4 risk accelerating cybercrime?

Artificial intelligence is continuing to evolve and advance at a rapid rate. Its heightened integration into business models has grown, with large language models (LLMs) like GPT-4 (the one that is arguably dominating most of the recent discourse) continuing to illustrate possibilities and risks. While the technological breakthrough of GPT-4 holds immense potential for streamlining tasks and augmenting human teams, it also raises several security concerns and risks accelerating cybercrime. A recent report suggested that…

Read More

Email obfuscation tactics elude security protections

Posted on by Admin
Email obfuscation tactics elude security protections

Cyber attackers have used email obfuscation techniques for decades to conceal malicious code or data within a file, script or network traffic. There are many email obfuscation methods, such as putting addresses into images, captchas or texts that bots cannot read. Such traditional email obfuscation tactics are well known, and security controls have historically been good at patching and stopping them. But recently our threat researchers have uncovered some newly evolving techniques that are designed…

Read More

6 months of SEC cybersecurity disclosure rules: An updated view

Posted on by Admin
6 months of SEC cybersecurity disclosure rules: An updated view

As we reach the six-month mark of the SEC’s new cybersecurity disclosure regulations going into effect, it seems a good time to reflect on the requirements.  With the average cost of a security breach nearing $4.5 million and the increased frequency and sophistication of attacks showing no signs of letting up, it seems these requirements are necessary; self-regulation proved insufficient, and the stakes are higher than many people in leadership positions recognize. It’s not just…

Read More
1 2 3 4 6