Cybersecurity

Don’t give your personal data to fraudsters: Dodging Docusign scam emails
Cybercriminals impersonate the trusted e-signature brand and send fake Docusign notifications to trick people into giving away their personal or corporate data. 27 May 2025 • 5 min. read. Remember when you used to have to print, sign, scan, email and/or even fax every time you wanted to sign and send an official document?…

AI Agents and the Non‑Human Identity Crisis: How to Deploy AI More Securely at Scale
Artificial intelligence is driving a massive shift in enterprise productivity, from GitHub Copilot’s code completions to chatbots that mine internal knowledge bases for instant answers. Each new agent must authenticate to other services, quietly swelling the population of non‑human identities (NHIs) across corporate clouds. That population is already overwhelming the enterprise: many companies now juggle at…

The Most Valuable Security Certifications
Certified IT security professionals are (among other things) more in demand and better paid. (Cybersecurity) certifications can show stock-like volatility: their popularity can rise or fall, and they can lose relevance if they do not keep pace with current industry developments. However, not all certifications are equally affected: so-called "blue chips" have over…

Red Hat, HashiCorp reveal Ansible, Terraform and Vault plans | TechTarget
BOSTON — Now that Red Hat and HashiCorp both reside under the IBM roof, Ansible, Terraform and HashiCorp Vault will get cozier, according to executives speaking publicly this week. Ansible’s configuration-as-code and HashiCorp Terraform infrastructure-as-code (IaC) tools were commonly used together before IBM agreed to buy HashiCorp last year for $6.5 billion, a deal…

LlamaFirewall: Open-source framework to detect and mitigate AI centric security risks – Help Net Security
LlamaFirewall is a system-level security framework for LLM-powered applications, built with a modular design to support layered, adaptive defense. It is designed to mitigate a wide spectrum of AI agent security risks including jailbreaking and indirect prompt injection, goal hijacking, and insecure code outputs. Why Meta created LlamaFirewall LLMs are moving far beyond simple chatbot…

A familiar playbook with a twist: 3AM ransomware actors dropped virtual machine with vishing and Quick Assist
Ransomware is usually a crime of opportunity. Attackers typically strike through an easily discovered vulnerability or security weakness: unpatched Internet-facing software, vulnerable network edge devices or exposed inbound virtual private network ports lacking multifactor authentication are among the most common points of initial compromise. However, some attacks appear much more targeted and include significant pre-attack reconnaissance…

Danabot: Analyzing a fallen empire
As announced by the US Department of Justice, the FBI and US DoD’s Defense Criminal Investigative Service (DCIS) have managed to disrupt the infrastructure of the notorious infostealer, Danabot. ESET is one of the many cybersecurity companies to participate in this long-term endeavor, becoming involved back in 2018. Our contribution included providing technical analyses…

SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection
From zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution has never been greater. SafeLine is currently the most starred open-source Web Application Firewall (WAF) on GitHub, with over 16.4K stars and a rapidly growing global user base. This walkthrough covers what SafeLine is, how…

KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS – Krebs on Security
KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching…

Risk Appetite vs. Risk Tolerance: How are They Different? | Informa TechTarget
Enterprise risk management programs have the ambitious governance goal of identifying, evaluating and managing all the risks facing an organization. To do so effectively, enterprise risk management (ERM) programs must have a consistent process for identifying the types of risk their organizations face, for assessing the level of risk each type poses, and for…