threat landscape

Does GPT-4 risk accelerating cybercrime?

Posted on by Admin
Does GPT-4 risk accelerating cybercrime?

Artificial intelligence is continuing to evolve and advance at a rapid rate. Its heightened integration into business models has grown, with large language models (LLMs) like GPT-4 (the one that is arguably dominating most of the recent discourse) continuing to illustrate possibilities and risks. While the technological breakthrough of GPT-4 holds immense potential for streamlining tasks and augmenting human teams, it also raises several security concerns and risks accelerating cybercrime. A recent report suggested that…

Read More

Email obfuscation tactics elude security protections

Posted on by Admin
Email obfuscation tactics elude security protections

Cyber attackers have used email obfuscation techniques for decades to conceal malicious code or data within a file, script or network traffic. There are many email obfuscation methods, such as putting addresses into images, captchas or texts that bots cannot read. Such traditional email obfuscation tactics are well known, and security controls have historically been good at patching and stopping them. But recently our threat researchers have uncovered some newly evolving techniques that are designed…

Read More

6 months of SEC cybersecurity disclosure rules: An updated view

Posted on by Admin
6 months of SEC cybersecurity disclosure rules: An updated view

As we reach the six-month mark of the SEC’s new cybersecurity disclosure regulations going into effect, it seems a good time to reflect on the requirements.  With the average cost of a security breach nearing $4.5 million and the increased frequency and sophistication of attacks showing no signs of letting up, it seems these requirements are necessary; self-regulation proved insufficient, and the stakes are higher than many people in leadership positions recognize. It’s not just…

Read More

Navigating political polarization in the workplace

Posted on by Admin
Navigating political polarization in the workplace

In this episode of The Security Podcasts featuring Scott McHugh, retired CSO at LyondellBasell Chemical Company and Faculty at Rice University, we discuss the challenges security leaders face when navigating political polarization in the workplace. “This is actually not a new phenomenon,” Scott McHugh says. “It really started in the late ’90s, in the Clinton administration, and it’s just been manifesting itself through the years ever since then. And it’s become much more of a…

Read More

Cybercriminals target SAP vulnerabilities

Posted on by Admin
Cybercriminals target SAP vulnerabilities

Cybercriminals are getting better at attacking critical business applications, according to a recent report by Onapsis. The report found a rise in threat actors targeting SAP vulnerabilities.  According to the report, 2023 was an important year for the SAP application threat landscape. The report found a 400% increase in ransomware incidents that involved compromising SAP systems and data at victim’s organizations.  The report found that conversations on SAP vulnerabilities and exploits have increased 490% across…

Read More

Safeguarding healthcare facilities

Posted on by Admin
Safeguarding healthcare facilities

In the world of healthcare security, the threats are ever-evolving with hospitals and healthcare facilities facing a unique set of challenges that demand innovative solutions and dedicated leadership. From safeguarding patient privacy to defending against physical threats, the importance of a robust security strategy in a healthcare environment is paramount. One of the major challenges faced by healthcare facilities is how to maintain a balance of security while remaining open to the public. Here, security leaders discuss…

Read More

83% of organizations faced at least one account takeover the past year

Posted on by Admin
83% of organizations faced at least one account takeover the past year

A survey from Abnormal Security reveals that account takeovers are a prominent threat. By surveying 300 security professionals across a range of industries and organization sizes, the report found that 83% of organizations claimed to have experienced at least one account takeover in the last year. Furthermore, 45.5% of organizations experienced more than five account takeover incidents in the past year, and nearly one in five experienced more than 10. The survey determined that 77%…

Read More

Living off the land in a victim’s network

Posted on by Admin
Living off the land in a victim’s network

In January of this year, the directors of the United States Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Federal Bureau of Investigation (FBI) appeared before a committee on Capitol Hill. During their testimonies, they attested to the present and growing cyber threat that Chinese state-sponsored cyber attackers, such as Volt Typhoon, pose to U.S. critical national infrastructure (CNI) — primarily communications, energy, transportation systems and water and wastewater systems sectors.  The…

Read More

90% of organizations experienced an identity incident this past year

Posted on by Admin
90% of organizations experienced an identity incident this past year

A report by the Identity Defined Security Alliance (IDSA) examined the identity security systems within large organizations. The study revealed trends in common identity incident vectors and direct organizational influence. It also analyzed the impact of trends such as cyber insurance, artificial intelligence (AI) and the shifting regulatory landscape. Among the studied organizations, 90% claimed to experience an identity-related event in the last year. This percentage remains consistent with the percentage from 2023.  More key…

Read More

Thriving in 2030: The future of compliance and risk management

Posted on by Admin
Thriving in 2030: The future of compliance and risk management

In 2030, organizations of all sizes must expect the technology landscape to be dramatically different. As cloud-native applications take over, ephemeral technology will be a larger component of infrastructure, regulatory demands will increase and there will be a critical need for speed that many organizations are not currently prepared to meet. Understanding the future of compliance and risk management is essential for any organization aiming to thrive in the hyper-speed era ahead.  Prepare for evolving…

Read More
1 2 3 4 5 6