Collaborate Disseminate
Navigating layoffs is complex and difficult for many reasons. Not only do human resources and direct managers bear the onus of responsibility when conducting exit conversations, but security teams should also make the necessary preparations for monitor… Continue reading Security considerations during layoffs: Advice from an MSSP
OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine cryptocurrency, establish persistence following business email compromise and launch spam… Continue reading 3 ways to combat rising OAuth SaaS attacks
For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of recipients in the hope that a few might take the bait. Over time, however, as spa… Continue reading Flipping the BEC funnel: Phishing in the age of GenAI
As we reflect on the cybersecurity landscape and the trajectories of threat vectors, it’s evident that we’re on the cusp of a paradigm shift in cloud security. Businesses and cybersecurity professionals must stay abreast of these changes, a… Continue reading Cloud security predictions for 2024
Organizations constantly work to ensure optimal threat detection and prevention across their systems. One question gets asked repeatedly: “Can we detect the threats we’re supposed to be able to detect?” Red team assessment, penetration testing, and eve… Continue reading Purple teaming and the role of threat categorization
As large language models (LLMs) become more prevalent, a comprehensive understanding of the LLM threat landscape remains elusive. But this uncertainty doesn’t mean progress should grind to a halt: Exploring AI is essential to staying competitive, meani… Continue reading Top LLM vulnerabilities and how to mitigate the associated risk
Why is it that when a company becomes aware of a potential data security incident, the team working on it (and others who are made aware that “something” is going on) have an immediate and overwhelming feeling that the company is doomed? And yet, when … Continue reading If you prepare, a data security incident will not cause an existential crisis
Happy 2024 Everyone! I hope everyone is looking forward to another exciting year in the ever-changing world of IT operations and software security. This article aims to provide a quick summary of some of the latest trends, announcements, and changes as… Continue reading January 2024 Patch Tuesday forecast: A Focus on Printing
Organizations with mainframes face a unique challenge: extending consistency across the entire enterprise, including mainframe environments. The ongoing issue lies in the incompatibility of tools designed for both mainframes and enterprise settings, re… Continue reading Why you need to extend enterprise IT security to the mainframe
As technology continues to advance at an unprecedented pace, so does the complexity of API (application programming interface) security. With the proliferation of APIs in modern applications and services, organizations will need to develop a better und… Continue reading API security in 2024: Predictions and trends