In the past year, business email compromise (BEC) attacks have skyrocketed, with malicious actors harnessing the power of generative AI to craft increasingly sophisticated fraudulent emails. The challenge with these next-generation BEC attacks lies in their complexity; they are not only hard to prevent but also notoriously difficult to detect. However, there are effective strategies […]
Prompt sanitization: How to protect against AI data loss
Generative AI tools like ChatGPT are, without doubt, game-changers for businesses across sectors. But they also come with significant risks. Sensitive data shared with these AI models can quickly spiral out of control, leading to unintentional but costly data leaks. The result? Your business could be embroiled in a data breach before you even realize […]
What’s the difference between human risk management and security awareness training?
Security awareness training is often seen as the cornerstone of managing the human factor. The goal is simple: provide employees with enough information to recognize and avoid potential risks. These programs can take many forms, from posters that offer cyber hygiene reminders to more structured eLearning sessions designed to ensure every employee has completed necessary […]
Disney quits Slack after data breach
Disney is set to abandon Slack following a significant data breach that occurred in July, which exposed over 1TB of confidential messages and files from the company’s internal communication channels. Internal emails shared reveal that Disney has commenced the transition to new “streamlined enterprise-wide collaboration tools,” with plans to complete the migration by the end […]
AT&T fined $13M by FCC for supply chain data breach
The Federal Communications Commission (FCC) has imposed a hefty $13 million fine on AT&T following a cloud security lapse that resulted in a data breach last year, compromising the personal information of 8.9 million customers. In an unusual twist, the breach didn’t originate within AT&T itself but rather stemmed from a security incident involving one […]
Payment gateway data breach: 1.7 million credit card owners affected
Payment gateway provider Slim CD has revealed a significant data breach affecting approximately 1.7 million people, compromising sensitive credit card and personal information. In a letter sent to affected clients, Slim CD admitted that cybercriminals had access to its network for an extended period, spanning from August 2023 until June 2024. This means that hackers […]
AI spoofing: What it is and how to spot it
Cloud account hijacking and spear-phishing emails have long been a concern amongst corporate security teams. Even with tools like multi-factor authentication and spam filters, malicious actors often uncover ways to either break into employee cloud accounts and attempt to persuade unwitting users to share sensitive details. Thankfully–up until now–there’s usually been a few tell-tale signs […]
SaaS security best practices: the ultimate guide
In this guide, we’ll explore the best practices for securing SaaS applications, from understanding key threats and the vendor landscape to building a culture of data protection. By delving into the nuances of SaaS security, you’ll be better equipped to navigate the complex landscape of cloud-based threats and maintain robust defenses against potential vulnerabilities. What […]
National Public Data breach: 3 million records leaked
Nearly 2.7 billion records containing personal information of individuals in the United States were leaked on a hacking forum, exposing sensitive data such as names, social security numbers, all known physical addresses, and potential aliases. Here’s what we know so far. National Public Data: Background The data reportedly originates from National Public Data, a company […]
Machine learning: the secret to effective data loss prevention
Data loss prevention (DLP) has a noise problem. Despite security teams carefully programming their solutions to catch sensitive data, most DLP tools alert them to benign instances—and lots of them. The reason? Regular expressions. Once the cornerstone of DLP, regular expressions have become outdated for the modern, cloud-based world. They cause inconsistent, inconsequential, inordinate amount […]
Everything you need to know about LLM DLP
Large language models (LLMs) are rapidly reshaping the workplace—tools like ChatGPT are revolutionizing marketing, while AI-driven predictions are transforming healthcare. The benefits are significant, but so are the risks. LLMs thrive on data, analyzing, logging, and storing every piece of information your employees share within their expansive neural networks. You might assume your current data […]