Tag: awareness
-
How Wesco cut through the noise and reimagined risk management
Tags: ai, application-security, automation, awareness, business, conference, container, control, data, defense, detection, exploit, github, intelligence, kubernetes, microsoft, mitigation, risk, risk-management, software, strategy, threat, tool, vulnerability, zero-dayProactive defense: Real-time threat intelligence feeds allow Wesco to spot and neutralize vulnerabilities before they escalate.Improved awareness: Developers and security teams have clearer visibility into zero-day threats and can act faster.Application security posture enhancement: A “security champions program” ensures accountability doesn’t sit only with the security team but across development and executive teams, too.AI-driven risk…
-
Ransomware gang going after improperly patched SonicWall firewalls
Tags: authentication, awareness, data-breach, defense, firewall, Internet, mfa, phishing, ransomware, updatepatch all internet-exposed systems as soon as fixes are released;enable phishing-resistant multi-factor authentication for all users;monitor the internet for leaked credentials;run a regular phishing security awareness campaign for employees.CISOs can also refer to the IST’s Blueprint for Ransomware Defense for more tips. First seen on csoonline.com Jump to article: www.csoonline.com/article/4056080/ransomware-gang-going-after-improperly-patched-sonicwall-firewalls.html
-
Managed SOC für mehr Sicherheit
Tags: awareness, cloud, compliance, cyberattack, encryption, germany, infrastructure, nis-2, password, risk, security-incident, service, soc, software, supply-chainAls zentrale Einheit überwachen Fachleute im SOC die gesamte IT-Infrastruktur eines Unternehmens. Rund um die Uhr analysieren sie alle sicherheitsrelevanten Ereignisse in Echtzeit.Die Anforderungen an IT-Sicherheit haben sich in den vergangenen Jahrzehnten drastisch verändert. Während früher ein einfaches Passwort als Schutzmaßnahme genügte, sind heute mehrschichtige Sicherheitskonzepte erforderlich. Nur so können sich Unternehmen effektiv vor Cyberangriffen…
-
Smart GPUGate malware exploits GitHub and Google Ads for evasive targeting
GPU-Gated decryption evades detection: The malware itself is delivered as a large Microsoft Software Installer (MSI) file, approximately 128 MB in size. It features a GPU-gated decryption mechanism that keeps the payload encrypted unless it detects the presence of a real GPU on the system. Researchers noted that this design allows GPUGate to remain dormant…
-
Smart GPUGate malware exploits GitHub and Google Ads for evasive targeting
GPU-Gated decryption evades detection: The malware itself is delivered as a large Microsoft Software Installer (MSI) file, approximately 128 MB in size. It features a GPU-gated decryption mechanism that keeps the payload encrypted unless it detects the presence of a real GPU on the system. Researchers noted that this design allows GPUGate to remain dormant…
-
Phishing kit Salty2FA washes away confidence in MFA
A call for layered and adaptive defenses: Countering Salty2FA might need something more than passwords and legacy controls, industry experts agreed. Darren Guccione, CEO of Keeper Security, argued that passkeys and passwordless authentication should be part of the strategy. “These technologies complement existing security measures by reducing reliance on traditional passwords, which remain a prime…
-
Phishing kit Salty2FA washes away confidence in MFA
A call for layered and adaptive defenses: Countering Salty2FA might need something more than passwords and legacy controls, industry experts agreed. Darren Guccione, CEO of Keeper Security, argued that passkeys and passwordless authentication should be part of the strategy. “These technologies complement existing security measures by reducing reliance on traditional passwords, which remain a prime…
-
5 ways CISOs are experimenting with AI
Tags: ai, attack, awareness, breach, business, ceo, cio, ciso, control, cyber, cybersecurity, data, data-breach, detection, email, finance, framework, incident response, intelligence, login, metric, microsoft, monitoring, phishing, qr, risk, risk-assessment, risk-management, service, siem, soc, technology, threat, tool, update, vpn, vulnerability, vulnerability-managementTranslating security metrics into business language: CISOs are now tasked with being the security storyteller, and it doesn’t always come easily. Turning to AI, CISOs are finding a helping hand to translate technical detail into business-oriented narratives, drawing on a range of data sources, risk trends, control gaps and threat modeling.AI tools are helping tailor…
-
5 ways CISOs are experimenting with AI
Tags: ai, attack, awareness, breach, business, ceo, cio, ciso, control, cyber, cybersecurity, data, data-breach, detection, email, finance, framework, incident response, intelligence, login, metric, microsoft, monitoring, phishing, qr, risk, risk-assessment, risk-management, service, siem, soc, technology, threat, tool, update, vpn, vulnerability, vulnerability-managementTranslating security metrics into business language: CISOs are now tasked with being the security storyteller, and it doesn’t always come easily. Turning to AI, CISOs are finding a helping hand to translate technical detail into business-oriented narratives, drawing on a range of data sources, risk trends, control gaps and threat modeling.AI tools are helping tailor…
-
AI powered autonomous ransomware campaigns are coming, say experts
CSO, “it is entirely possible that criminals beat them to it. I have already seen AIs that can do scans, write malware, identify which resources are most valuable, [and more]. It is no surprise that someone found a way to have an AI automate such functions.”Grossman advised CISOs to continue implementing security controls under frameworks…
-
US Announces $10M Bounty on FSB Hackers Behind Cisco Exploits
Tags: awareness, cisco, cyber, cyberattack, exploit, government, hacker, infrastructure, network, russiaThe U.S. government has unveiled a $10 million reward for information leading to the arrest of three Russian FSB officers. The officers are accused of carrying out cyberattacks on U.S. critical infrastructure and exploiting Cisco network equipment. This public notice aims to raise awareness and encourage anyone with useful information to come forward. According to…
-
Kostenloses Toolkit zum CybersecurityMonth
KnowBe4 bringt sein siebtes Toolkit zum Cybersecurity-Awareness-Month auf den Markt, um Einzelpersonen und Organisationen mit praktischen Tools und Schulungen dabei zu unterstützen, ‘unsere Welt sicherer zu machen”. Das Toolkit steht im Einklang mit dem diesjährigen Thema ‘Secure Our World” und unterstützt die globale Bewegung, die die Bedeutung der Sicherung unseres digitalen Lebens hervorhebt. Der Cybersecurity-Awareness-Month,…
-
Bringing the Human Back into Cybersecurity: What Values-Based Education Teaches Us About Digital Mindfulness
Recently, I had the pleasure of speaking with Inda Sahota, the dynamic and deeply empathetic force behind cybersecurity awareness at Fresenius Group. What struck me most wasn’t just her deep understanding of human-centric security, it was how naturally she bridges the gap between personal values and professional practice. Inda brings her whole self into her…
-
Distraction is the New Zero-Day: The Human Risk We Keep Ignoring
A few days ago, my friend Javvad Malik”, a sharp voice in our industry and someone I trust”, shared something that made me stop and think. Javvad, KnowBe4’s security awareness advocate, summed up the state of things beautifully: “Cyber risk is not just about advanced technology; it is about human bandwidth and the cognitive load…
-
Distraction is the New Zero-Day: The Human Risk We Keep Ignoring
A few days ago, my friend Javvad Malik”, a sharp voice in our industry and someone I trust”, shared something that made me stop and think. Javvad, KnowBe4’s security awareness advocate, summed up the state of things beautifully: “Cyber risk is not just about advanced technology; it is about human bandwidth and the cognitive load…
-
Cybercrime increasingly moving beyond financial gains
Tags: attack, awareness, business, ciso, computer, corporate, cyber, cyberattack, cybercrime, cybersecurity, defense, disinformation, espionage, finance, government, group, hacker, hacking, incident response, infrastructure, intelligence, iran, malicious, military, network, ransom, ransomware, risk, risk-analysis, russia, strategy, theft, threat, tool, ukraine, vulnerability, wormsrcset=”https://b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?quality=50&strip=all 892w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=223%2C300&quality=50&strip=all 223w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=768%2C1033&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=761%2C1024&quality=50&strip=all 761w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=518%2C697&quality=50&strip=all 518w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=125%2C168&quality=50&strip=all 125w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=62%2C84&quality=50&strip=all 62w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=357%2C480&quality=50&strip=all 357w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=268%2C360&quality=50&strip=all 268w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=186%2C250&quality=50&strip=all 186w” width=”761″ height=”1024″ sizes=”auto, (max-width: 761px) 100vw, 761px”> Incibe. En la imagen, Patricia Alonso GarcÃa.”We are very redundant when talking about cybercrime, because we always associate it with economic motivations,” says Hervé Lambert, global consumer operations…
-
115.000 Phishing-Emails in einer Woche versendet
Tags: awareness, best-practice, cyber, email, google, infrastructure, mail, phishing, saas, softwareEine neue Art des Phishings breitet sich aus. Sie setzt dabei auf bewährte Marken, unaufgeklärte Mitarbeitende und ungeschützte Kanäle.Laut Google nutzen 40 Millionen Lehrer und Schüler weltweit Google Classroom, um Leistungsnachweise, Schulaufgaben und Lehrmaterial bereitzustellen. Da die Software weit verbreitet ist, wird sie attraktiv für Cyberkriminelle. Eine immer noch aktive, weltweite auftretende Kampagne hat der…
-
Security Awareness Report des SANS Institut – Mit Strategie und KI zu wirksamer Security Awareness
First seen on security-insider.de Jump to article: www.security-insider.de/social-engineering-groesste-cybergefahr-fuer-unternehmen-a-82732e47bc023377fbdaa8c1f2e06cc6/
-
Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025
As security professionals, it’s easy to get caught up in a race to counter the latest advanced adversary techniques. Yet the most impactful attacks often aren’t from cutting-edge exploits, but from cracked credentials and compromised accounts. Despite widespread awareness of this threat vector, Picus Security’s Blue Report 2025 shows that organizations continue to struggle with…
-
Why the Email Security Battle Feels Lost (At Least for Now)
Despite better tools and growing awareness, phishing and impersonation attacks remain rampant. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/why-the-email-security-battle-feels-lost-at-least-for-now/
-
SANS Security Awareness Report zeigt, Mensch bleibt wichtigster Angriffsvektor
Der Report basiert auf der bisher größten SANS-Umfrage mit Beiträgen von mehr als 2700 Security-Awareness-Praktikern aus über 70 Ländern. Damit liefert er die umfassendste und aufschlussreichste Analyse seit Bestehen der Studie. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sans-security-awareness-report-zeigt-mensch-bleibt-wichtigster-angriffsvektor/a41728/
-
MacOS Under Attack: How Organizations Can Counter Rising Threats
Not only are attacks against macOS users ramping up, but threat actors have proved to be advanced with deepfake technology. Security awareness training may be the best defense. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/mac-under-attack-how-organizations-can-counter-rising-threats