Expert analysis
Clearview fine: The unacceptable face of modern surveillance
The UK’s Information Commissioner’s Office (ICO) has issued its third largest ever fine of £7.5m. It was imposed on Clearview AI, the controversial facial recognition company …
Cybercriminals use Azure Front Door in phishing attacks
Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in …
7 DevSecOps myths and how to overcome them
DevOps and security teams have long been at odds with each other over the software delivery pipeline. DevOps teams have historically viewed security teams as the “release …
How the blurring of the “supply chain” opens your doors to attackers—and how you can close them
There have been more than 200 dedicated supply chain attacks over the past decade. Some of these campaigns have affected countless supplier networks and millions of customers …
Board members and the C-suite need secure communication tools
Board members and the C-suite are key targets for cyber-threat actors, due to their access to highly sensitive information. Yet too many of them are putting their …
Criminal IP analysis report on zero-day vulnerability in Atlassian Confluence
According to Volexity, a webshell was discovered in Atlassian Confluence server during an incident response investigation. Volexity determined that it was a zero-day …
How financial institutions are improving customer experience with fraud prevention measures
Fraud is a persistent threat, and there’s no end in sight as the e-commerce landscape continues to evolve and the use of online payment platforms increases. According to one …
Zero trust adoption: Industry-specific challenges and implementation strategies
Organizations across many industries are in the throes of a journey to implement the zero trust security model to increase their cybersecurity posture. Through my experience …
Mind the gap: How to ensure your vulnerability detection methods are up to scratch
With global cyber crime costs expected to surge, it comes as little surprise that the risk of attack is companies’ biggest concern globally. To help businesses uncover and fix …
Once is never enough: The need for continuous penetration testing
If you Google “How often should I do penetration testing?”, the first answer that pops up is “once a year.” Indeed, even industry-leading standards like PCI-DSS dictate that …
SaaS security: How to avoid “death by 1000 apps”
SaaS applications have become synonymous with modern business environments, and CISOs and security teams struggle to find a happy medium between ensuring the security of their …
API security warrants its own specific solution
Application programming interfaces (APIs) enable developers to quickly and easily roll-out services but they’re also equally attractive to attackers. This is because they can …