Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We’re always captivated by WWDC, Apple’s annual developer conference, and the announcements shared during its keynotes and various breakout sessions. This year’s conference was particularly exciting because Apple unveiled a new passkey API that will be implemented in iOS 17. The API will enable password managers like 1Password to create and use passkeys inside any native app that has added passkey support, including Safari.

Monitoring remote desktop protocol (RDP) connections to your infrastructure is essential for maintaining a secure IT environment and managing insider risks. Additionally, recording remote user activity on your organization’s servers and other critical endpoints is often a requirement of cybersecurity laws and regulations. This article will guide you on how to monitor RDP connections to your infrastructure server, Jump server, Citrix server, or any other endpoint with Ekran System Client installed.

If someone asked you “are you protecting your data,” your initial response would probably be to clarify what they are referring to specifically, since the question is so broadly stated. You could just reply with a terse “Yes,” but that is as open-ended and nebulous as the question. The general idea of data protection encompasses so many areas, from the amount of data that is being stored, to the methods of securing it all.

Devoxx Poland is a developer first confrence that invites software innovators from around the world present latest trends in the industry, here are some of the key takeaways to build secure and resilient systems.

Elliptic Curve Cryptography (ECC) is a form of public-key cryptography that is based on the mathematics of elliptic curves. It provides a secure way to perform cryptographic operations such as key exchange, digital signatures and encryption. ECC is an alternative to Rivest-Shamir-Adleman (RSA) encryption, which was first released in 1977. Continue reading to learn more about elliptic curve cryptography and why it’s considered the most secure form of encryption.

Former Texas Congressman William "Mac" Thornberry and Trustwave Government Solutions President Bill Rucker recently sat down to discuss several pressing issues impacting the federal government’s cybersecurity preparedness, the impact the Russia-Ukraine War has had on cyber, and what remains to be done to shore up the nation's cyber defenses. This is the second half of their conversation.

Small businesses are more vulnerable to cyber-attacks since hackers view them as easy victims to target. While this may seem unlikely, statistics reveal that more than half of these businesses experienced some form of cyber-attack in 2022. It's also reported that state-sponsored threat actors are diversifying their tactics and shifting their focus toward smaller enterprises.

For years, KnowBe4 has been a long-time proponent of everyone using PHISHING-RESISTANT multi-factor authentication (MFA) whenever possible. Unfortunately, most MFA is as easily phishable, hackable, and bypassable as the passwords they were intended to replace. Even though KnowBe4 was an early proponent of phishing-resistant MFA, now most of the world is coming around, including NIST and CISA. Why Do I Need Training If I Am Already Using Phishing-Resistant MFA?

My analysis of this year’s newly-released Verizon Data Breach Investigations Report begins with ransomware findings that point back to users as a big problem. If you only read one report each year to give you an idea of what’s going on with cyber attacks, it’s Verizon’s Data Breach Investigations Report (DBIR). Each year, analysts sort through tens of thousands of data breach incidents (some successful, some not) and identify the attack patterns.

A Chinese-speaking phishing gang has expanded its targeting from the Asia-Pacific region to the Middle East, researchers at Group-IB have found. The gang, which the researchers call “PostalFurious,” impersonated a toll operator and a postal service in the Middle East.