Cybersecurity
When IT meets OT: Cybersecurity for the physical world
While relatively rare, real-world incidents impacting operational technology highlight that organizations in critical infrastructure can’t afford to dismiss the OT threat 14 Mar 2025 • , 4 min. read Amid all the high-profile data breaches and ransomware attacks on IT systems in recent years, the threat to business-critical operational technology (OT) is still often underestimated….
Kerberoasting Detections: A New Approach to a Decade-Old Challenge
Security experts have been talking about Kerberoasting for over a decade, yet this attack continues to evade typical defense methods. Why? It’s because existing detections rely on brittle heuristics and static rules, which don’t hold up for detecting potential attack patterns in highly variable Kerberos traffic. They frequently generate false positives or miss “low-and-slow” attacks…
New Report Reveals Just 10% of Employees Drive 73% of Cyber Risk
Living Security, the global leader in Human Risk Management (HRM), today released the 2025 State of Human Cyber Risk Report, an independent study conducted by leading research firm Cyentia Institute. The report provides an unprecedented look at behavioral risk inside organizations and reveals how strategic HRM programs can reduce that risk 60% faster than traditional methods. Drawing on…
Risk Prediction Models: How They Work and Their Benefits | TechTarget
One of my favorite consulting clients is an outdoor clothing retailer. It’s a highly seasonal business — summer and winter gear are different, obviously. But fashions, styles and popular color combinations change every year, too. The company’s buyers must make decisions about inventory well in advance to order for upcoming seasons. They obsess about…
Why You Should Use Geolocation in Your React App’s Authentication Process
The number of cyberattacks keeps growing every year, and human error is still the main cause of security breaches. While it’s impossible to eliminate the user mistake factor entirely, developers can introduce authentication systems that offer more security compared to traditional password-based algorithms. Geolocation-based authentication is only one example of an extra security layer, but…
Cyber turbulence ahead as airlines strap in for a security crisis – Help Net Security
Aircraft systems are getting more connected and ground operations increasingly integrated, and attackers are taking notice. They’re shifting from minor disruptions to targeting critical systems with serious intent. Any time an aircraft transmits data, whether it’s flight position updates or maintenance alerts, it is vulnerable to interception by third parties. In several recent cases, cyber…
Unmasking AsyncRAT: Navigating the labyrinth of forks
AsyncRAT has cemented its place as a cornerstone of modern malware and as a pervasive threat that has evolved into a sprawling network of forks and variants. While its capabilities are not that impressive on their own, it is the open-source nature of AsyncRAT that has truly amplified its impact. This blogpost provides an overview…
From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware
With IT outages and disruptions escalating, IT teams are shifting their focus beyond simply backing up data to maintaining operations during an incident. One of the key drivers behind this shift is the growing threat of ransomware, which continues to evolve in both frequency and complexity. Ransomware-as-a-Service (RaaS) platforms have made it possible for even…
Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai – Krebs on Security
Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald’s was exposed after they guessed the password (“123456”) for the fast food chain’s account at Paradox.ai, a company that makes artificial intelligence based hiring chatbots used by many Fortune 500 firms. Paradox.ai said the security oversight was…
Clément Domingo: “We are not using AI correctly to defend ourselves”
Following Kaspersky Horizon on 1 July in Madrid, Clément Domingo, ethical hacker and cybersecurity evangelist, explains the cybercrime landscape now looks like the legitimate startup world: structured organizations with affiliates and even team-building culture. How a criminal startup works “A cybercrime startup is similar to a classic startup, but dedicated to cybercrime in a very…