Business resilience must be the ultimate purpose of all the security controls and processes we employ, because we will never conclusively defeat or protect...
Noteworthy stories that might have slipped under the radar: several multi-million dollar settlements, CrowdStrike-themed phishing emails, and MITRE launches D3FEND 1.0.
While traditional security awareness teaches users how to recognize social engineering, new behavior changing trains the brain on the correct recognition and response to...
Security awareness training isn’t working to the level it needs to. Social engineering, however, is getting better. Why doesn’t awareness training work, and how...
A new phishing-as-a-service (PaaS) tool has been observed targeting businesses, mainly in the manufacturing, healthcare, technology, and real estate sectors.
The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...
Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...