{Latest Posts}
The Rising Threat of Mobile Phishing Attacks: Why Your Organization Needs to Prepare
The growth of mobile devices in the workplace has turned mobile phishing into a significant opportunity for malicious actors, and it’s therefore a growing concern for organizations. With mobile phishing, the attacker sends links to
Cyber Whistleblowing: What Employers Should Know
As businesses adopt emerging technologies like AI and VR, professional lives are growing more connected to the internet and, therefore, the world. While this can drastically improve efficiency and contribute to business growth, it has
Best Identity and Access Management (IAM) Practices for DevSecOps
Humans have long been the weakest link in an organization’s cybersecurity infrastructure. Statistics reveal that human errors such as misconfigurations, secret leakage, and bad data hygiene cause 95% of data breaches. Hackers rarely find their
5 Common Cybersecurity/IT Mistakes in Your Small Business
The world is filled with hackers and other criminals who hunt the web for unprotected small and medium-sized businesses. Cybercriminals understand that many businesses are not equipped to manage a breach, leaving them more vulnerable
The State of Server-Side Request Forgery Risks in 2022
Perhaps one of the best Black Hat talks in recent years was renowned web security researcher Orange Tsai’s presentation about bypassing Server-Side Request Forgery (SSRF) defenses. Together with his team, Tsai proposed a “very general
Why Data Protection Must Be a Part of Every Cybersecurity Strategy
Widespread transition to remote/hybrid work creates vast opportunities for cyber attackers. With much more data being stored in the cloud and employees toiling away in less-secure home-office environments, ransomware attacks have skyrocketed. All told, ransomware
Application Security Should Be A Badge Of Honor, Not A Wall Of Shame
Cybersecurity news is a curious thing. For the most part it’s bad news. Companies have been breached, risks are ever increasing and another billion-dollar crypto raid is under investigation. Feels like we have enough to
Fixing Vulnerabilities at Speed—How Engineering and Security Can Achieve True DevSecOps
What happens when two distinct teams with varied technological expertise, different incentive structures and contrasting priorities converge?—the answer is usually tension. During a recent discussion with colleagues, a completely different result was experienced. ‘Camaraderie’ is
