Category: Cybersecurity Insiders

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Can businesses stay compliant with security regulations while…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Environmental sustainability is more important than ever before…

Read more →

 The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Smart cities are on the rise. What was…

Read more →

Airbus, a renowned leader in the aerospace industry, has recently found itself at the center of a highly sophisticated cyber-attack, sending shockwaves through the cybersecurity landscape. This breach has exposed a trove of sensitive information, including the personal details of…

Read more →

In the ever-evolving landscape of cybersecurity, threats continue to take on new forms and adapt to advanced defense mechanisms. One such emerging threat that has gained prominence in recent years is “data poisoning.” Data poisoning is a covert tactic employed…

Read more →

In the realm of cybersecurity, knowledge of programming languages empowers security professionals to decipher how hackers employ programming to breach systems. While not all cybersecurity roles require proficiency in programming, it is undeniably valuable. Mastery of programming languages equips these…

Read more →

For organizations of all sizes, cyber consistently earns a place on the agenda, becoming a focal point for business-critical initiatives and investments. Today, cyber means business, and it isn’t challenging to overstate the importance of cyber as a foundational and…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  In today’s interconnected digital landscape, where data flows…

Read more →

Earlier this year, analysts in the AT&T Cybersecurity Managed Threat Detection and Response (MTDR) security operations center (SOC) were alerted to a potential ransomware attack on a large municipal customer. The attack, which was subsequently found to have been carried…

Read more →

In an era marked by persistent insider threats, espionage activities, malicious software attacks, and escalating cyberwarfare, China is contemplating a gradual shift towards replacing human oversight with cutting-edge technology to enforce critical data security regulations. Under the banner of national…

Read more →

Join the webinar “5 Reasons Why Zero Trust Network Access (ZTNA) Triumphs Over VPN” live on September 21 [ save your seat ]. Recent findings from the 2023 VPN Risk Report have set off alarms, with a staggering 90% of…

Read more →

By Michael Angelo Zummo, Threat Intel Expert – CybersixgillPhishing tools and services are common and accessible on the underground. We took a close look at one of them and discovered how easy it can be to launch a phishing scheme.…

Read more →

By Michael Angelo Zummo, Threat Intel Expert – CybersixgillPhishing tools and services are common and accessible on the underground. We took a close look at one of them and discovered how easy it can be to launch a phishing scheme.…

Read more →

At Black Hat USA 2023, the Department of Defense (DoD) Defense Advanced Research Projects Agency (DARPA) unveiled a two-year “AI Cyber Challenge” (AIxCC) competition aimed at driving innovation in AI and the creation of new cybersecurity tools. The competition will…

Read more →

MGM Resorts has officially announced an ongoing investigation into a cybersecurity incident that has severely impacted various aspects of its operations, including company emails, reservation records, room access systems, and even casino slot machines. Law enforcement agencies have been contacted…

Read more →

By Baan Alsinawi, Managing Director, Strategy and Risk, CISO Global, and Founder of TalaTek, a CISO Global company All anyone wants to talk about these days is AI, and when seven leading U.S. producers of AI technology recently stepped forward…

Read more →

Tenable Inc., the cybersecurity company headquartered in Maryland, has officially revealed its plans to acquire the Israel-based Cloud Security Startup, Ermetic. Although the exact financial terms of the deal have not been disclosed, reliable sources have indicated that the acquisition…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Approximately 57 cryptocurrency thefts occurred in just the first…

Read more →

The Sri Lankan Government has recently reported a significant data loss incident involving over 5000 email accounts spanning from May to August 2023. The primary cause of this data loss was identified as a cyber attack, specifically a ransomware variant.…

Read more →

In the realm of cybersecurity threats, the terms “Killware” and “Ransomware” often surface in discussions. While both are malicious software designed to disrupt computer systems, they serve distinct purposes and operate in different ways. This article delves into the concepts…

Read more →

How biometrics can help to make our world a safer place We’ve recently been exploring biometric technologies on this blog and how they have become a part of our everyday lives, helping us to move, travel and pay more seamlessly.…

Read more →

The Securities and Exchange Commission (SEC) has introduced a new rule for public companies that requires them to be more transparent about cybersecurity incidents. The new rule requires companies to disclose any material cybersecurity incidents within four business days of…

Read more →

About three weeks ago, Tesla found itself in the throes of a data breach when two former employees allegedly exposed the company’s confidential information to external parties. In a recent development, a former Tesla staff member has initiated legal action…

Read more →

As the new term approaches, schools across the United Kingdom are grappling with a rising threat – cyberattacks. Many institutions, whether they are gearing up to open their doors or have already commenced preparations, are finding it increasingly challenging to…

Read more →

Virtualized data centers have become the backbone of modern IT infrastructure, offering scalability, efficiency, and cost-effectiveness. However, as data center virtualization continues to grow, ensuring utmost security has become paramount. This article explores strategies and best practices for achieving maximum…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Uncertainty looms large on the horizon as businesses…

Read more →

In an era marked by rapid technological advancement, data privacy experts like Ken Cox, president of private cloud provider Hostirian, are ringing alarm bells. Our recent conversation with Ken revealed a nuanced perspective on the capabilities of generative language models…

Read more →

The cybersecurity landscape has undergone a dramatic transformation over the past few years, influenced by shifting threat vectors, technological advances, and changing market dynamics. For venture capital firms like Evolution Equity Partners, navigating these complexities is more crucial than ever.…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Cybersecurity threats refer to malicious activities conducted over…

Read more →

Cybersecurity as a competitive advantage The economy is on the minds of business leaders. C-suites recognize survival depends upon the ability to safeguard systems and information. They must redesign for resilience, mitigate risk, strategically deploy assets and investments, and assign…

Read more →

The case for unified endpoint management and mobile threat defense The evolution of endpoint management Unified endpoint management (UEM) has played a significant role over the years in enabling companies to improve the productivity and security of their corporate mobile…

Read more →

In a concerning cybersecurity development, it appears that hackers with potential ties to Beijing managed to breach the cryptographic key of Microsoft Accounts. This unauthorized access allowed them to conduct surveillance on various U.S. government agencies. Reports indicate that this…

Read more →

In an unprecedented turn of events in the United States, a relatively obscure ransomware group has committed a grave act by exposing the personal information of individuals who held work visas in the country. This audacious breach took place earlier…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Here’s how organizations can eliminate content-based malware in…

Read more →

As cybersecurity becomes increasingly complex, having a centralized team of experts driving continuous innovation and improvement in their Zero Trust journey is invaluable. A Zero Trust Center of Excellence (CoE) can serve as the hub of expertise, driving the organization’s…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Can businesses stay compliant with security regulations while…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  The Biden Administration has recently announced the implementation…

Read more →

When a server falls victim to a ransomware infection, the urgency to regain access to critical data often leads to a difficult decision: paying the hackers’ demands. However, the reliability of ransomware criminals in conducting their “business” is far from…

Read more →

In today’s digital age, where smartphones have become an integral part of our lives, cyber threats are constantly evolving. While email spam and phishing attacks are widely recognized, a newer threat has been gaining prominence: text message spam, often referred…

Read more →

Amid the growing interest from both companies and governments in transitioning to the cutting-edge fifth generation of wireless networks, commonly known as 5G, security experts are sounding the alarm about the challenges that come with securing this dynamic and complex…

Read more →

 The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Smart cities are on the rise. What was…

Read more →

By Lisa Levy at Satori, the Data Security Platform As forward-thinking CIOs are well aware, the success of business process digitalization is intimately tied to the backbone of any digital endeavor: data.  But it’s not just about having vast amounts…

Read more →

By Erik Gaston, Vice President of Global Executive Engagement, Tanium Cyber-criminals are nothing if not opportunistic. While the e-commerce industry is far from the “Wild, Wild West” – where infamous masked highway robbers ganged-up and ran rampant – today’s outlaws…

Read more →

It’s been over four years since 5G was introduced and the technology has now been rolled out across all the world’s major economies. So, we’re starting to think about what’s coming next…. Expansion into emerging markets With 5G already embedded…

Read more →

For organizations of all sizes, cyber consistently earns a place on the agenda, becoming a focal point for business-critical initiatives and investments. Today, cyber means business, and it isn’t challenging to overstate the importance of cyber as a foundational and…

Read more →

Reflectiz, a cybersecurity company specializing in continuous web threat management offers an exclusive, fully remote solution to battle Magecart web-skimming attacks, a popular type of cyberattacks involving injecting malicious code into the checkout pages. As the Holiday Season approaches, online…

Read more →

Since 2018, TikTok, the Chinese-based video-sharing platform, has faced relentless criticism over its alleged mishandling of data security. Initially, the United States banned the app’s use on all government-issued phones, setting off a domino effect that led to similar actions…

Read more →

In a recent interview, Federico Charosky, CEO of Quorum Cyber, shed light on some often-underappreciated yet crucial facets of insider risk in cybersecurity. Charosky emphasizes the necessity of nuanced definitions when discussing the topic of insider risk. He argues that…

Read more →

To mitigate privacy and security concerns, it’s advisable to refrain from storing certain types of data on your mobile devices. While smartphones are indispensable for staying connected and managing various aspects of our lives, safeguarding personal information should be a…

Read more →

The United Kingdom’s Ministry of Defense has once again found itself in the spotlight due to a recent cyberattack, with fingers of suspicion pointing towards Russian hackers. While there is no conclusive evidence to substantiate these claims, there is a…

Read more →

In the ever-evolving landscape of cybersecurity, the battle between cyber-criminals and defenders rages on. Cyberattacks are becoming more sophisticated and harder to detect, making it imperative for organizations to bolster their defenses. One powerful weapon in the cybersecurity arsenal is…

Read more →

In recent times, many developed nations such as the United States, the United Kingdom, Canada, and Australia have refrained from publicly identifying their cyber adversaries, understanding that doing so might inadvertently provide these adversaries with a significant advantage on the…

Read more →

The Securities and Exchange Commission (SEC) has introduced a new rule for public companies that requires them to be more transparent about cybersecurity incidents. The new rule requires companies to disclose any material cybersecurity incidents within four business days of…

Read more →

By Gal Helemski, Co-Founder and CTO/CPO at PlainID “Data is the lifeblood of an organization.” Becoming somewhat of a platitude in the security space, it’s challenging to believe every organization truly upholds this sentiment. Yes, data is used to generate…

Read more →

In a concerning turn of events, the servers of Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) fell victim to a cyberattack by a hacking group, highlighting the vulnerability of even the most secure digital entities. NISC…

Read more →

In a digital age where the lines between activism and hacking are increasingly blurred, Anonymous Sudan, a self-proclaimed hacktivist group with ties to the Russian Federation, recently launched a cyber-attack on the servers of the social media giant formerly known…

Read more →

In the contemporary digital environment, the specter of cyberattacks casts a shadow over organizations of every scale. Despite the essential role that cyber resilience plays in protecting sensitive information and ensuring seamless business operations, numerous enterprises, particularly those operating within…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Here’s how organizations can eliminate content-based malware in…

Read more →

The case for unified endpoint management and mobile threat defense The evolution of endpoint management Unified endpoint management (UEM) has played a significant role over the years in enabling companies to improve the productivity and security of their corporate mobile…

Read more →

Pieter Adieux Co-Founder and CEO, Secure Code Warrior The possibilities of generative AI (GAI) technology have had both developers and non-developers wide-eyed with excitement, particularly around automation, productivity and business development. What makes it so engaging is that it’s clearly…

Read more →

By David Hoelzer, Fellow at The SANS Institute The rise of ChatGPT and generative AI has ushered in an extensive range of new opportunities seemingly overnight. With the ability to automate a plethora of capabilities, the tool has garnered the…

Read more →

As cybersecurity becomes increasingly complex, having a centralized team of experts driving continuous innovation and improvement in their Zero Trust journey is invaluable. A Zero Trust Center of Excellence (CoE) can serve as the hub of expertise, driving the organization’s…

Read more →

The historical Municipality of Montreal, situated in Canada, has fallen victim to the LockBit Ransomware, an event that underscores the increasing menace of cyber threats. This century-old establishment faced a critical juncture as it chose not to comply with the…

Read more →

Approximately 3 to 4 years ago, Dr. Johnny Ryan, a senior member of the Irish Council of Civil Liberties (ICCL), initiated a legal case against the Data Protection Commission (DPC) in the high court. He alleged that the DPC had…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Uncertainty looms large on the horizon as businesses…

Read more →

Today, SC Media announced the winners of its annual cybersecurity awards for excellence and achievements. At AT&T Cybersecurity we are thrilled that AT&T Alien Labs was awarded Best Threat Intelligence in this prestigious competition. The Alien Labs team works closely…

Read more →

By David Monnier, Chief Evangelist, Team Cymru Fellow It’s challenging to be on a security team these days. Organizations are expanding their cloud capabilities, yet 45% of breaches happen in the cloud. Most security teams receive over 500 security alerts…

Read more →

By Jaye Tillson, Director of Strategy, Axis Security Over the past few years, our world has evolved at a rapid pace. This rapid evolution has given rise to innovative networking and security architectures such as SD-WAN, SASE, SSE, and Zero…

Read more →

Jaye Tillson, Field CTO at Axis Security Amidst the ever-evolving terrain of modern information technology, the domain of higher education has emerged as a focal point for malicious activities. Consequently, ensuring the safety and security of students, educators, and intellectual…

Read more →

China has reportedly focused its efforts on compromising email servers within several American government networks, raising concerns about potential data exploitation. According to findings from Mandiant, a state-sponsored criminal group targeted the Barracuda Email Security Gateway (ESG) between October and…

Read more →

By Sreenivas Gukal, Head of Products, VP of Engineering, and Co-Founder at Acalvio Technologies Enterprises and regulated industries are becoming well aware that their risk management strategy must include cybersecurity for OT (Operational Technology) environments and the convergence of IT…

Read more →

Collaborative Efforts Dismantle Qakbot Malware’s IT Infrastructure In a significant joint operation, the FBI, in partnership with the Department of Justice and international allies, has successfully taken down the IT infrastructure owned by the Qakbot Malware group. Drawing expertise from…

Read more →

In the ever-evolving landscape of cyber threats, one form of digital menace has gained significant notoriety: ransomware malware. These malicious programs encrypt victims’ data and demand a ransom for its release, wreaking havoc on individuals, businesses, and even government institutions.…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Memory forensics plays a crucial role in digital…

Read more →

Cybersecurity as a competitive advantage The economy is on the minds of business leaders. C-suites recognize survival depends upon the ability to safeguard systems and information. They must redesign for resilience, mitigate risk, strategically deploy assets and investments, and assign…

Read more →

Over the past 48 hours, media outlets have been abuzz with reports of Russian cyber-attacks targeting government websites. However, what remains shrouded in relative obscurity is a puzzling incident involving more than 20 passenger trains being abruptly immobilized, sparking public…

Read more →

In November of the previous year, Rackspace, a well-known company providing cloud computing services, fell victim to a cyber-attack orchestrated by the Play Ransomware group. This attack led to a disruption in their email exchange services for a duration of…

Read more →

Executive summary AT&T Alien Labs researchers recently discovered a massive campaign of threats delivering a proxy server application to Windows machines. A company is charging for proxy service on traffic that goes through those machines. This is a continuation of research described…

Read more →

Security Operations Centers (SOCs) are the heart of cybersecurity, but managing the endless stream of alerts, conducting in-depth investigations, and timely response to incidents are challenges that overwhelm even the most robust SOCs. The core of this problem is the…

Read more →

By Richard Bird, Chief Security Officer at Traceable In the ever-evolving landscape of cybersecurity, it’s concerning to witness a persistent rise in breaches. The underlying issue? The consistent sidelining of API security. Despite the transformative role APIs play in modern digital infrastructures, they remain an underestimated component in many security strategies. This oversight isn’t merely…

Read more →

In the complex field of application security, the challenges surrounding open source software security require innovative solutions. In a recent interview with Varun Badhwar, Founder and CEO of Endor Labs, he provided detailed insights into these specific issues and how…

Read more →

By Karen Lambrechts, Lansweeper So much software, so little oversight! That may be how many IT departments are feeling lately. According to MarketsAndMarkets, the global Software Asset Management (SAM) market size is expected to grow at a Compound Annual Growth…

Read more →

By Doug Dooley, COO, Data Theorem The rise of cloud-native applications has revolutionized the way businesses operate, enabling them to scale rapidly and stay agile in a fast-paced digital environment. However, the increasing reliance on Application Programming Interfaces (APIs) to…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  The Biden Administration has recently announced the implementation…

Read more →

Over the last several hours, the air traffic situation in Britain has plunged into a state of turmoil, prompting some segments of the media to attribute the crisis to a cyber-attack. Indeed, the reports you’ve come across are accurate. Nevertheless,…

Read more →

London Metropolitan Police has made headlines due to a sophisticated cyber attack that resulted in a significant data breach. Upon delving into the specifics, the agency fell victim to hackers who successfully breached the database of a third-party contractor responsible…

Read more →

In today’s digital world, businesses are increasingly adopting hybrid cloud solutions to harness the benefits of both public and private cloud infrastructures. While hybrid cloud offers unprecedented flexibility and scalability, it also introduces complex challenges in securing sensitive data across…

Read more →

The Securities and Exchange Commission (SEC) has introduced a new rule for public companies that requires them to be more transparent about cybersecurity incidents. The new rule requires companies to disclose any material cybersecurity incidents within four business days of…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  The installation of Active Directory (AD) on Windows…

Read more →

Any marketing company or team operating worldwide typically shares a common practice: extracting data from social media platforms and utilizing this information for digital marketing endeavors. Similarly, certain online marketing firms provide data scraping tools to premium users, enabling them…

Read more →

Recently, there has been notable attention drawn to the announcement issued by CloudNordic, an Enterprise Hosting Provider. The statement acknowledges a distressing incident in which a ransomware group successfully compromised their systems, resulting in the complete loss of all customer…

Read more →

In an increasingly digital age, cybersecurity concerns have permeated every sector, with the healthcare industry being no exception. While traditional cyber threats like malware and data breaches have long been a focus, a new menace has begun to emerge on…

Read more →

Google has consistently prioritized enhancing trust among its users by introducing novel defensive measures to counteract cyber threats like phishing attacks. Moving forward, Workspace users can expect an added layer of protection against takeover attempts, as a new safeguard necessitates…

Read more →

By Craig Lurey, CTO and Co-Founder, Keeper Security As Artificial Intelligence–better known as AI–proves to be a revolutionary technology that is already leaving an indelible mark on many aspects of our lives, criminals are actively seeking ways to use that same…

Read more →

A few days ago, the Daily Maverick, a South African news outlet, published a contentious statement concerning Indian Prime Minister Shri Narendra Modi. Presently, the publication alleges that it has fallen victim to a sophisticated cyber assault, purportedly originating from…

Read more →

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  What exactly is resilience? According to the U.S.…

Read more →

The case for unified endpoint management and mobile threat defense The evolution of endpoint management Unified endpoint management (UEM) has played a significant role over the years in enabling companies to improve the productivity and security of their corporate mobile…

Read more →

CloudNordic, a Denmark-based cloud service provider, has issued a public statement confirming the unfortunate incident of a ransomware attack that led to the complete deletion of customer data from its servers. Despite their efforts, the company found itself unable to…

Read more →

In an era where digital transformation accelerates and cyber threats proliferate rapidly, the role of effective threat modeling in software development is becoming more critical. Traditional methods of threat modeling often fall short, as they are often labor-intensive, inconsistent, and…

Read more →

In an increasingly interconnected world, personal data privacy has become a growing concern that resonates with virtually every individual and organization. One company aiming to solve the data privacy challenge is OneRep, a firm focused on privacy and personal information…

Read more →