Upgrading to the “latest and greatest” technology isn’t always feasible for businesses, given the cost and disruption involved in constantly changing processes and switching solutions. So how can today’s organizations better understand when it makes sense to upgrade—and when it doesn’t?
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Credit monitoring giant TransUnion has suffered an apparent Salesforce data breach, affecting over 4.4 million people, with ShinyHunters claiming responsibility.
Google Threat Intelligence Group has tracked threat actor UNC6395 stealing OAuth tokens via Salesloft Drift integrations in a massive Salesforce data theft campaign.
A cyber attack on Nevada has disrupted state services, including phone lines, websites, and online systems, forcing several offices to close with no expected date of resolution.
A recent campaign of cyber attacks made new and novel use of the Claude AI chatbot in scanning VPN endpoints and automating multiple portions of the attack cycle, representing another step forward in the deployment of LLMs for malicious purposes.
A whistleblower report submitted to Congress and the Office of Special Counsel claims that DOGE employees uploaded a very sensitive Social Security Administration (SSA) database to a vulnerable cloud server while auditing the agency, one that contains Social Security numbers for 300 million Americans as well as associated identity information.
Farmers Insurance Hit by Third-Party Data Breach Exposing Personal Information of 1.1 Million People
A third-party data breach at Farmers Insurance has exposed the sensitive personal information of over 1.1 million people after hackers breached a vendor-managed database.
Recent letters sent out by FTC Chairman Andrew N. Ferguson were directed to tech companies and warned against watering down privacy protections or censoring their products due to pressure by foreign governments.
The UK government has dropped its controversial plan to mandate an encryption backdoor into Apple's cloud storage systems, according to a statement by US Director of National Intelligence Tulsi Gabbard.
Russian hackers linked to the country’s Federal Security Service (FSB) Center 16 have exploited vulnerable Cisco devices for over a year to target critical infrastructure organizations for cyber espionage.










