Some security leaders say that financially driven cybercriminals exploit the human factor to commit online phishing scams and con people out of their money.
However, security leaders believe phishing – a key conduit for scams and other malicious cyber activities – poses an increased threat to organizations and...
Previous studies on IoT and OT devices have primarily focused on internal components, neglecting open-source components that are crucial for internet and network connectivity, according to Stanislav Dashevskyi and Francesco La Spina, security researchers at Forescout Technologies.
Mobile password managers are different from computer-based password managers due to different constraints found in the mobile operating system, said Ankit Gangwal, assistant professor at the International Institute of Information Technology. He shed light on the risks introduced by AutoSpill.
Sharan Hiremath, senior product manager at JFrog, delved into the escalating challenge of supply chain attacks. With a focus on the surge in open-source vulnerabilities, he outlined key factors contributing to the rise of attacks and offered insights into threat mitigation strategies.
Domain name system, or DNS, attacks have persisted as a popular method for carrying out DDoS attacks. Haixin Duan, professor at Tsinghua University's Institute for Network Sciences and Cyberspace, describes TsuKing as a new form of DNS attack that does not require IP address spoofing.
Javvad Malik, lead security awareness advocate at KnowBe4, delved into the transition from cybersecurity awareness to a robust security culture. He underscored the importance of user-centric security, engaging security training and flexible security measures - in addition to MFA.
Marc Lueck, EMEA CISO at Zscaler, describes generative AI as the bridge between traditional AI and machine learning. He said it offers the ability to engage in humanlike conversations while tapping into vast data repositories and is both a powerful defense mechanism and a potential vulnerability.
Automating decision-making in the security operations center strengthens an organization's ability to detect, respond to and mitigate security threats effectively. But the focus has shifted from micro-automation to a unified platform, according to Michael Lyborg, CISO of Swimlane.
Marta Rybczyńska, technical program manager at Eclipse Foundation, discussed best practices for reporting vulnerabilities, adopting AI and bridging the gap between developers and security researchers to adhere to cybersecurity best practices for open-source software.
Erhan Temurkan, technology and security director at Fleet Mortgages, shares his insights on the integration of generative AI into the multifaceted world of cybersecurity and the dynamic threat landscape. Organizations must find a balance between security and usability, he said.
As a legacy protocol, DICOM lacks proper security measures, and as the healthcare industry modernizes and moves to the cloud, there is a significant risk of patient data exposure, said Sina Yazdanmehr, a senior IT security consultant at Aplite.
The cybersecurity landscape is structured like Swiss cheese - fragmented and full of vulnerabilities. This complex, ever-evolving environment requires a multifaceted approach to address gaps and a specific focus on data security and identity protection, said Maxine Holt, senior director at Omdia.
Joe Sullivan, CEO of Ukraine Friends, delves into the complexities of cybersecurity, drawing from his experience as the former CSO of Uber. He shares lessons learned from the high-profile Uber breach case and personal experiences to address broader issues in the cybersecurity landscape.
Bugcrowd CEO Dave Gerry and Emily Ferdinando, vice president, marketing, highlighted the significance of tapping into the creativity of the ethical hacker community, combined with the expertise of internal security teams, to enable organizations to stay one step ahead of cyberthreats.
"How do we surprise our adversaries?" So asked Ollie Whitehouse, CTO of Britain's National Cyber Security Center, in a keynote speech at Black Hat Europe in London in which he urged defenders to focus on resilience and on finding fresh ways to impose material costs on adversaries.