Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In any organization, a user may access numerous devices and applications, but not always with the same username or credentials. Devices and applications use platform-specific user registries that are distinct from each other. As a result, organizations may end up monitoring five user identities from five devices separately, while they actually belong to a single user. The table below shows one user, Michael Bay, using different user identities to log on and access various devices and applications.

As technology progresses and mobile devices become ubiquitous, a remarkably large number of people worldwide are now using smartphones. In fact, current estimates show that 6.8 billion users rely on their phones for an array of activities; but most significantly – 88% is dedicated to app usage! While the above stats show that the mobile app industry is thriving, it's also a matter of concern. Why?

Bytesafe Community Edition (CE) is a free, robust security platform designed to protect organizations from open source software supply chain attacks. It’s an ideal tool to manage your Python projects and packages securely. Here’s a simple guide to get you started with Bytesafe CE and Python.

Food for thought as discussed on May 18, 2023, an article posted in The Australian Insurance Council: Banning paying a ransom to cyber hackers is counter-productive where Andrew Hall, the Chief Executive of the Insurance Council of Australia (ICA), stated that “attempts to ban businesses from paying ransoms for cyber attacks risks eroding trust and relationships with government.”

Google has recently introduced a set of new top-level domains: .dad, .esq, .prof, .phd, .nexus, .foo, .zip and.mov. They’re now available for purchase, and it’s the last two that are attracting attention due to the risk of abuse in phishing attacks. WIRED describes why.zip and.mov have raised concerns. “The two stand out because they are also common file extension names. The former, .zip, is ubiquitous for data compression, while.mov is a video format developed by Apple.

One of KnowBe4's long-term employees just send me a picture this morning of a postcard that sure looks like it's phishing, the good old-fashioned way: snail mail! Here is the picture and you tell me what all the red flags are! The domain does not work of course. The email seems to have disappeared into the bitbucket. For many obvious reasons i have not tried the QR code since I do not have a bulletproof sandbox installed on my smartphone where I can detonate malware. :-D.