As the world went into lockdown, cybersecurity teams went on high alert. A health crisis, especially one with global reach, was almost certainly going to attract threat actors looking to capitalize on a topic with such high interest. It’s to be expected. But despite any warnings or tips we could offer at the start of the pandemic.

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced key milestones, strong financial performance across the globe, and continued momentum following the launch of the new company in January. “Today’s threat landscape quickly mutates and dynamically adjusts to defenses,” said Bryan Palma, CEO, Trellix. 

It may surprise you to learn that new research by CompTIA finds only 30% of the cyber workforce is in the 19-34 age group, with 52% between 35 and 54. You’d think more people entering the workforce or in the early stages of their careers would be turning to cybersecurity given the rise in headline-grabbing cyberattacks.

M-Trends is an annual publication from Mandiant that provides an inside look at the evolving cyber threat landscape directly from global incident response investigations.

As the ever-increasing list of cybersecurity acronyms and vernacular grows, what cybersecurity tools are truly best for your team and meet your organization’s needs? To make sense of it all, let’s dive into security technologies used in the market today and the differences between endpoint detection.

Conti is one of the most prolific ransomware operations in the threat landscape today. In a recent act of retaliation against Conti’s leaders for their support of Russia, an anonymous person leaked documentation and internal chat logs from the group. This blog post series covers important phishing-related takeaways Cofense Intelligence analysts discovered in the leaks. In Part 3, we discuss elements of Conti’s phishing tactics and strategy.

We sat down with our first pentester here at Cobalt, Shashank, to learn more about him and his time with us. Since Shashank has been with us, the Core has grown to more than 300 pentesters. Along with being in the Core, Shashank has also started his own business: CredShields which is building next-generation security services for web3 and blockchain; he building a cloud-based smart contract vulnerability scanner called SolidityScan.com

For the 7th year in a row, Business Email Compromise (BEC) is the number one cybercrime, as reported by losses, according to the FBI IC3 Report. Topping in at an astonishing $43 billion dollars with victims in 177 countries and money being wired between 140 different countries, it still amazes me that people are more concerned about ransomware and nation-state attacks instead of murderous BEC actors killing in the name of evil spirits.

Before remote work exploded in 2020, the average small business used 102 third-party apps, while mid-market businesses averaged at 137. These numbers translate to hundreds of vendor reviews, burying security teams in questionnaires and spreadsheets. Fast forward to 2022 where teams live and work online 24/7, we ask if there's a better way to onboard critical tools without compromising security. Allie from HyperComply helps us learn more.

Organizations often must deploy strict security measures in order to lower the cost or qualify for cyber liability insurance, especially in terms of multi-factor authentication (MFA) and phishing prevention. However, insurance companies themselves face considerable scrutiny when it comes to their own cybersecurity practices and vulnerabilities.