If you’ve spent any time in penetration testing, chances are you’ve crossed paths with Metasploit. The second edition of Metasploit tries to bring the book in line with how pentesters are using the tool. It mostly succeeds, with some caveats depending on your experience level and what you’re hoping to get out of it. About […]
In this insightful interview with Aaron McCray, Field CISO at CDW, we dive into the evolving role of CISOs as they embrace AI governance and security tactics at the boardroom level. As AI becomes increasingly embedded in business, McCray discusses how CISOs transition from tactical cyber guardians to strategic enterprise risk advisors. The Evolving Role […]
BMM Testlabs is making waves this week at the SiGMA Asia Summit, showcasing its top-notch compliance solutions and services aimed at the gaming industry. The event runs from June 1-4 at SMX Manila, and BMM is set to present its extensive expertise in product compliance and cybersecurity. Key Points BMM Testlabs is exhibiting at SiGMA […]
This article dives into the pressing issue of unauthorised AI use by employees as the technology rapidly evolves and becomes easier to access. It discusses the inherent risks, including inaccuracies, cybersecurity threats, and possible data breaches that employers need to consider. The piece also offers guidance on establishing a solid AI framework to mitigate these […]
Mick Leach, Field CISO at Abnormal AI, tackles the disappointing effectiveness of traditional security awareness training (SAT) in this enlightening video. Despite significant investments in SAT, human error—often the leading culprit in cybersecurity breaches—remains a persistent threat. Mick explores how integrating AI might just be the game-changer we need, offering a smarter and more personalised […]
This article discusses how supply chains can leverage public data, specifically open-source intelligence (OSINT), to combat cyber threats. Insights derived from public data sources enable real-time risk detection, particularly crucial in contested logistics environments. Companies are advised to use OSINT strategically to enhance their cybersecurity initiatives. Source: SupplyChainBrain Key Points Open-source intelligence (OSINT) uses public […]
Malware-as-a-Service (MaaS) is radically changing the cybersecurity landscape, especially within the supply chain sector. It enables cybercriminals, armed with just a few hundred pounds, to launch sophisticated attacks without needing programming skills. This article highlights the accessibility and danger of MaaS, detailing how it poses an unprecedented threat to supply chain security. Source: Supply & […]
The hacking group known as “Scattered Spider” is causing a ruckus, targeting major companies like Tinder, News Corp, and Chick-fil-A. Their tactics include clever social engineering scams, where they impersonate company employees to extract sensitive information. They recently managed to breach the British retailer Marks & Spencer, severely impacting their operations and finances. With a […]
Cybersecurity advocates are raising alarms over recent cuts and changes under the Trump administration that could put student data at risk. With valuable information like Social Security numbers and disciplinary records at stake, the need for robust cybersecurity measures in schools has never been more critical. Source: The Hechinger Report Key Points Cyberattacks on schools […]
The Israeli Privacy Protection Authority (PPA) has taken action against CyberServe following a data breach incident in 2021 that exposed sensitive information, severely affecting individuals involved. The authority’s findings suggest negligence on CyberServe’s part regarding security measures, leading to the breach. Source:Article URL Key Points PPA issued a Finding of Wrongdoing against CyberServe for inadequate […]
