Latest news with #RSAConference
Business Wire
05-08-2025
- Business
- Business Wire
Resecurity Named One of America's Fastest-Growing Private Companies by Inc. for the Fourth Year Running
LOS ANGELES--(BUSINESS WIRE)--Resecurity®, Inc., a leading global cybersecurity and threat intelligence company, has been named to the 2025 Inc. 5000 list of the fastest-growing private companies in America for the fourth consecutive year. This recognition by Inc. Magazine highlights Resecurity's continued growth, innovation, and impact in the cybersecurity industry. The Inc. 5000 list is a definitive ranking of the most dynamic and successful private companies in the U.S., recognizing organizations that have demonstrated strong performance amid economic uncertainty and rapid digital transformation. Resecurity's inclusion for four consecutive years reflects its unwavering commitment to delivering intelligence-driven cybersecurity solutions and helping customers navigate an increasingly complex threat landscape. 'We're honored to be recognized by Inc. for four years in a row,' said Gene Yoo, CEO of Resecurity. 'This achievement reflects the hard work, passion, and commitment of our global team, and our mission to help organizations stay ahead of emerging cyber risks with intelligence-driven solutions. In a constantly shifting threat landscape, our continued growth is rooted in innovation, customer trust, and strong partnerships.' Over the past year, Resecurity has expanded its presence across North America, Latin America, the Middle East, and Asia. The company continues to serve as a trusted partner to enterprises, government agencies, and financial institutions, offering advanced threat intelligence, digital risk monitoring, dark web investigations, and compliance support. This recognition comes on the heels of multiple milestones in 2025, including the launch of AI-powered compliance automation tools, expansion into Brazil, new university and CERT partnerships, and continued presence at leading global industry events such as RSA Conference, GISEC Global, and Black Hat. To view the complete 2025 Inc. 5000 list, visit: About Resecurity Resecurity® is a cybersecurity company that delivers a unified endpoint protection, fraud prevention, risk management, and cyber threat intelligence platform. Known for providing best-of-breed data-driven intelligence solutions, Resecurity's services and platforms focus on early-warning identification of data breaches and comprehensive protection against cybersecurity risks. Founded in 2016, it has been globally recognized as one of the world's most innovative cybersecurity companies with the sole mission of enabling organizations to combat cyber threats regardless of how sophisticated they are. Most recently, by Inc. Magazine, Resecurity was named one of the Top 10 fastest-growing private cybersecurity companies in Los Angeles, California. As a member of InfraGard National Members Alliance (INMA), AFCEA, NDIA, SIA, FS-ISAC, and the American Chamber of Commerce in Saudi Arabia (AmChamKSA), Singapore (AmChamSG), Korea (AmChamKorea), Mexico (AmChamMX), Thailand (AmChamThailand), and the UAE (AmChamDubai). To learn more about Resecurity, visit
Yahoo
26-06-2025
- Business
- Yahoo
Can Gorilla's Bold Thailand Acquisition Fuel its Global AI Ambitions?
Gorilla Technology Group Inc. GRRR recently agreed to acquire two Thai tech firms, CNS and its subsidiary CANS. These companies specialize in AI-driven customer engagement, video analytics and cybersecurity. With this deal, GRRR gains access to their mobility-first AI platforms and a strong customer base across all of Thailand. This is a major strategic move for GRRR, boosting its product portfolio with proven, scalable AI solutions and expanding its regional footprint across Southeast Asia. CNS and CANS bring local expertise, a large enterprise network, and technology already aligned with real-world deployments. GRRR is positioning itself as a leader in AI and digital infrastructure across emerging markets like Southeast Asia, Latin America and other regions. The deal unlocks new recurring revenue streams, especially from AI-powered customer engagement platforms, an industry projected to reach $173.9 billion by 2032. It also gives GRRR access to Southeast Asia's booming $6.8 billion Edge AI and cybersecurity market. Though financial terms weren't disclosed, the acquisition enhances GRRR's ability to scale, diversify revenue and tap into high-growth sectors like smart cities, telecom and public safety. If integrated effectively, this move could significantly accelerate GRRR's top-line growth in the coming years. The global video analytics market is expected to exceed $23.4 billion by 2030, indicating a lucrative opportunity ahead. The deal is expected to close this summer. How Are GRRR's Peers Expanding Their Footprint? Notable peers, such as Palo Alto Networks, Inc. PANW and Zscaler, Inc. ZS, are also aggressively expanding their global footprints. Palo Altohas been broadening its platform through high-profile AI acquisitions, such as Protect AI during the RSA Conference, boosting its AI security offerings and doubling down on cloud-driven expansion. Palo Alto's consistent move into cloud-native security reflects a strategic push to serve global clients. Zscaler, headquartered in San Jose, has extended its cloud-security "Zero Trust Exchange" internationally and fortified its platform via targeted M&A. Recent acquisitions include names like Red Canary and Avalor. Previous deals, such as TrustPath and Smokescreen, enhanced Zscaler's global delivery reach and regional market presence. Gorilla Technology's Price Performance, Valuation and Estimates Shares of Gorilla Technology have gained 14.3% year to date, outperforming the broader industry. Image Source: Zacks Investment Research From a valuation standpoint, Gorilla Technology trades at a forward price-to-sales ratio of 3.39X, above the industry average of 2.86X. GRRR carries a Value Score of F. The Zacks Consensus Estimate for Gorilla Technology's 2025 earnings implies a 115.8% improvement year over year, followed by 12.4% growth next year. Image Source: Zacks Investment Research The stock currently sports a Zacks Rank #1 (Strong Buy). You can see the complete list of today's Zacks #1 Rank stocks here. Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report Palo Alto Networks, Inc. (PANW) : Free Stock Analysis Report Zscaler, Inc. (ZS) : Free Stock Analysis Report Gorilla Technology Group Inc. (GRRR) : Free Stock Analysis Report This article originally published on Zacks Investment Research ( Zacks Investment Research Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Techday NZ
10-06-2025
- Techday NZ
Exclusive: SquareX's Audrey Adeline on why the browser is 'the new endpoint'
The browser is the new battleground. That's the message from Audrey Adeline of cybersecurity company SquareX, who has launched a practical Browser Detection and Response Manual to help organisations understand and defend against attacks in what she calls "the most used app on your device." "Eighty per cent of the time spent on a device is now in the browser," she explained to TechDay during a recent interview. "Yet it's one of the least protected surfaces in cybersecurity." Unveiled at the RSA Conference (RSAC'25) earlier this year, the manual has struck a chord with security leaders worldwide, selling out quickly and prompting strong feedback. The manual, written by Audrey Adeline and Vivek Ramachandran is titled: 'The Browser Security Field Manual'. "We were one of the top-selling books at the RSA bookstore," Adeline said. "A lot of CISOs reached out to us afterwards to say it helped their teams rethink browser security." Originally from Indonesia, Adeline's own path into tech was unconventional. "I grew up in a very traditional economy. Most of my family ran consumer businesses - nobody was in STEM," she said. After studying biochemistry at Cambridge and working in cancer research, she pivoted into consulting, and eventually joined Sequoia to evaluate tech companies, including cybersecurity firms. Her passion for deep tech and research led her to SquareX, where she now leads the Year of Browser Bugs (YOBB) project, uncovering browser-based architectural vulnerabilities each month. These include high-profile exploits like polymorphic extensions, which can impersonate legitimate browser tools like password managers and crypto wallets. "The danger is users don't realise they're entering credentials into a fake extension," Adeline explained. "These are architectural issues that legitimate browser features enable, and they're much harder to detect or patch." That urgency drove the creation of the manual. "We kept seeing the same problem - people using the browser constantly, but having very little visibility or protection," she said. "Existing tools just don't give you a clear picture of how the breach occurred." The manual's first edition is now being followed by a second, set for release at DEF CON and Black Hat in August. It will feature commentary from CISOs at Fortune 500 companies to ground the guidance in real-world enterprise experience. "We didn't want to just make it theoretical," Adeline said. "Each chapter now includes perspectives on actual problems faced by security teams." Access to the manual is currently via request form, though Adeline said digital availability is expected closer to August. Developing the manual was not without challenges. "The biggest hurdle was the lack of consolidated resources," she said. "There's research out there, but it's scattered. We had to pull together a lot of primary sources and make it digestible - from beginner concepts to advanced attacks." Browser-based threats have spiked recently, with attackers targeting the browser as the new endpoint for enterprise data. "Think about it," she said. "We don't download files anymore. Our files, apps, identities - everything is now in the browser. It's where 60 to 70 per cent of enterprise data lives." Adeline warned that the shift in attacker behaviour is permanent. "It's not just a trend. There's a fundamental change in how we work, and attackers are following the data." To help teams assess their own posture, SquareX has also launched a free browser attack testing tool. "Seeing is believing," she said. "You can test against 49 different browser-based attacks and see which ones bypass your current solutions." She sees two main approaches to browser defence: dedicated secure browsers, or solutions like SquareX's browser extension, which converts any existing browser into a secure one. "Most organisations can't migrate everyone to a new browser," she said. "Extensions are more practical, and updates are seamless." SquareX positions itself as the EDR for the browser, focusing on detection and response at a granular level. "We're obsessed with user experience. You can't compromise productivity just to get security," she said. The company's design avoids the risks of dedicated browsers, which often lag behind on security patches. "Every time Chrome issues a patch, those browsers need to be updated manually. That creates a gap where zero-days can thrive," she explained. Future plans include a red team edition of the manual and continuous updates as attacks evolve. "I wouldn't be surprised if there are multiple versions by next year," Adeline said. Her advice to security leaders just waking up to the browser as a threat vector is clear: "You need browser-native security to tackle browser-native threats." Adeline believes the industry must go beyond reacting to breaches and start anticipating them. "The best defence is understanding what attackers are doing," she said. "You can't just play catch-up." For her, the inclusion of peer input in the manual is crucial. "Security leaders want to hear from their peers. They need validation that this is a permanent shift, not a passing concern," she said. Asked what's changed to make browsers such a prime target now, Adeline points to a confluence of technology and behaviour. "Chrome has added countless new features like WebAssembly and WebRTC. These make browsers powerful enough to replace local apps," she explained. "Since COVID, we've seen everything move online. Now attackers are simply going where the data is." "The browser is the new endpoint," she said. "It's where we work - and where we're vulnerable."
Fox News
27-05-2025
- Business
- Fox News
AI cybersecurity risks and deepfake scams on the rise
Imagine your phone rings and the voice on the other end sounds just like your boss, a close friend, or even a government official. They urgently ask for sensitive information, except it's not really them. It's a deepfake, powered by AI, and you're the target of a sophisticated scam. These kinds of attacks are happening right now, and they're getting more convincing every day. That's the warning sounded by the 2025 AI Security Report, unveiled at the RSA Conference (RSAC), one of the world's biggest gatherings for cybersecurity experts, companies, and law enforcement. The report details how criminals are harnessing artificial intelligence to impersonate people, automate scams, and attack security systems on a massive scale. From hijacked AI accounts and manipulated models to live video scams and data poisoning, the report paints a picture of a rapidly evolving threat landscape, one that's touching more lives than ever before. One of the biggest risks of using AI tools is what users accidentally share with them. A recent analysis by cybersecurity firm Check Point found that 1 in every 80 AI prompts includes high-risk data, and about 1 in 13 contains sensitive information that could expose users or organizations to security or compliance risks. This data can include passwords, internal business plans, client information, or proprietary code. When shared with AI tools that are not secured, this information can be logged, intercepted, or even leaked later. AI-powered impersonation is getting more advanced every month. Criminals can now fake voices and faces convincingly in real time. In early 2024, a British engineering firm lost 20 million pounds after scammers used live deepfake video to impersonate company executives during a Zoom call. The attackers looked and sounded like trusted leaders and convinced an employee to transfer funds. Real-time video manipulation tools are now being sold on criminal forums. These tools can swap faces and mimic speech during video calls in multiple languages, making it easier for attackers to run scams across borders. Social engineering has always been a part of cybercrime. Now, AI is automating it. Attackers no longer need to speak a victim's language, stay online constantly, or manually write convincing messages. Tools like GoMailPro use ChatGPT to create phishing and spam emails with perfect grammar and native-sounding tone. These messages are far more convincing than the sloppy scams of the past. GoMailPro can generate thousands of unique emails, each slightly different in language and urgency, which helps them slip past spam filters. It is actively marketed on underground forums for around $500 per month, making it widely accessible to bad actors. Another tool, the X137 Telegram Console, leverages Gemini AI to monitor and respond to chat messages automatically. It can impersonate customer support agents or known contacts, carrying out real-time conversations with multiple targets at once. The replies are uncensored, fast, and customized based on the victim's responses, giving the illusion of a human behind the screen. AI is also powering large-scale sextortion scams. These are emails that falsely claim to have compromising videos or photos and demand payment to prevent them from being shared. Instead of using the same message repeatedly, scammers now rely on AI to rewrite the threat in dozens of ways. For example, a basic line like "Time is running out" might be reworded as "The hourglass is nearly empty for you," making the message feel more personal and urgent while also avoiding detection. By removing the need for language fluency and manual effort, these AI tools allow attackers to scale their phishing operations dramatically. Even inexperienced scammers can now run large, personalized campaigns with almost no effort. With AI tools becoming more popular, criminals are now targeting the accounts that use them. Hackers are stealing ChatGPT logins, OpenAI API keys, and other platform credentials to bypass usage limits and hide their identity. These accounts are often stolen through malware, phishing, or credential stuffing attacks. The stolen credentials are then sold in bulk on Telegram channels and underground forums. Some attackers are even using tools that can bypass multi-factor authentication and session-based security protections. These stolen accounts allow criminals to access powerful AI tools and use them for phishing, malware generation, and scam automation. Criminals are finding ways to bypass the safety rules built into AI models. On the dark web, attackers share techniques for jailbreaking AI so it will respond to requests that would normally be blocked. Common methods include: Some AI models can even be tricked into jailbreaking themselves. Attackers prompt the model to create input that causes it to override its own restrictions. This shows how AI systems can be manipulated in unexpected and dangerous ways. AI is now being used to build malware, phishing kits, ransomware scripts, and more. Recently, a group called FunkSac was identified as the leading ransomware gang using AI. Its leader admitted that at least 20% of their attacks are powered by AI. FunkSec has also used AI to help launch attacks that flood websites or services with fake traffic, making them crash or go offline. These are known as denial-of-service attacks. The group even created its own AI-powered chatbot to promote its activities and communicate with victims on its public website.. Some cybercriminals are even using AI to help with marketing and data analysis after an attack. One tool called Rhadamanthys Stealer 0.7 claimed to use AI for "text recognition" to sound more advanced, but researchers later found it was using older technology instead. This shows how attackers use AI buzzwords to make their tools seem more advanced or trustworthy to buyers. Other tools are more advanced. One example is DarkGPT, a chatbot built specifically to sort through huge databases of stolen information. After a successful attack, scammers often end up with logs full of usernames, passwords, and other private details. Instead of sifting through this data manually, they use AI to quickly find valuable accounts they can break into, sell, or use for more targeted attacks like ransomware. Get a free scan to find out if your personal information is already out on the web Sometimes, attackers do not need to hack an AI system. Instead, they trick it by feeding it false or misleading information. This tactic is called AI poisoning, and it can cause the AI to give biased, harmful, or completely inaccurate answers. There are two main ways this happens: In 2024, attackers uploaded 100 tampered AI models to the open-source platform Hugging Face. These poisoned models looked like helpful tools, but when people used them, they could spread false information or output malicious code. A large-scale example came from a Russian propaganda group called Pravda, which published more than 3.6 million fake articles online. These articles were designed to trick AI chatbots into repeating their messages. In tests, researchers found that major AI systems echoed these false claims about 33% of the time. AI-powered cybercrime blends realism, speed, and scale. These scams are not just harder to detect. They are also easier to launch. Here's how to stay protected: 1) Avoid entering sensitive data into public AI tools: Never share passwords, personal details, or confidential business information in any AI chat, even if it seems private. These inputs can sometimes be logged or misused. 2) Use strong antivirus software: AI-generated phishing emails and malware can slip past outdated security tools. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices. 3) Turn on two-factor authentication (2FA): 2FA adds an extra layer of protection to your accounts, including AI platforms. It makes it much harder for attackers to break in using stolen passwords. 4) Be extra cautious with unexpected video calls or voice messages: If something feels off, even if the person seems familiar, verify before taking action. Deepfake audio and video can sound and look very real. 5) Use a personal data removal service: With AI-powered scams and deepfake attacks on the rise, criminals are increasingly relying on publicly available personal information to craft convincing impersonations or target victims with personalized phishing. By using a reputable personal data removal service, you can reduce your digital footprint on data broker sites and public databases. This makes it much harder for scammers to gather the details they need to convincingly mimic your identity or launch targeted AI-driven attacks. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren't cheap - and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It's what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here. 6) Consider identity theft protection: If your data is leaked through a scam, early detection is key. Identity protection services can monitor your information and alert you to suspicious activity. Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft. 7) Regularly monitor your financial accounts: AI-generated phishing, malware, and account takeover attacks are now more sophisticated and widespread than ever, as highlighted in the 2025 AI Security Report. By frequently reviewing your bank and credit card statements for suspicious activity, you can catch unauthorized transactions early, often before major damage is done. Quick detection is crucial, especially since stolen credentials and financial information are now being traded and exploited at scale by cybercriminals using AI. 8) Use a secure password manager: Stolen AI accounts and credential stuffing attacks are a growing threat, with hackers using automated tools to break into accounts and sell access on the dark web. A secure password manager helps you create and store strong, unique passwords for every account, making it far more difficult for attackers to compromise your logins, even if some of your information is leaked or targeted by AI-driven attacks. Get more details about my best expert-reviewed Password Managers of 2025 here. 9) Keep your software updated: AI-generated malware and advanced phishing kits are designed to exploit vulnerabilities in outdated software. To stay ahead of these evolving threats, ensure all your devices, browsers, and applications are updated with the latest security patches. Regular updates close security gaps that AI-powered malware and cybercriminals are actively seeking to exploit. Cybercriminals are now using AI to power some of the most convincing and scalable attacks we've ever seen. From deepfake video calls and AI-generated phishing emails to stolen AI accounts and malware written by chatbots, these scams are becoming harder to detect and easier to launch. Attackers are even poisoning AI models with false information and creating fake tools that look legitimate but are designed to do harm. To stay safe, it's more important than ever to use strong antivirus protection, enable multi-factor authentication, and avoid sharing sensitive data with AI tools you do not fully trust. Have you noticed AI scams getting more convincing? Let us know your experience or questions by writing us at Your story could help someone else stay safe. For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Follow Kurt on his social channels Answers to the most asked CyberGuy questions: New from Kurt: Copyright 2025 All rights reserved.
Tahawul Tech
26-05-2025
- Business
- Tahawul Tech
Collaboration over competition powers future of cybersecurity, says EVAD
Abdullah A. Qaisi, CEO & General Manager of EVAD, shares how collaboration and storytelling are reshaping cybersecurity distribution in the region. The 14th edition of GISEC Global witnessed a remarkable convergence of cybersecurity leaders, with vibrant energy lasting through all three days of the event. Among the notable voices was Abdullah A. Qaisi, CEO & General Manager of EVAD, who reflected on the evolving cybersecurity landscape, both regionally and globally. Having just returned from RSA Conference in San Francisco, Qaisi brought a unique perspective to the table—highlighting how the Middle East, and particularly GISEC, is matching global standards in terms of scale, relevance, and impact. In his conversation with Qaisi emphasised that cybersecurity today is less about product pitches and more about impactful storytelling and ecosystem collaboration. He underscored the importance of moving away from a siloed, competitive mindset toward a community-driven approach where distributors, vendors, and partners collectively raise awareness and readiness in the cybersecurity space. Interview Excerpts: How do you compare the energy and scale of GISEC 2025 with other global cybersecurity events? Recently, I attended the RSA Conference in San Francisco, and coming from RSA to GISEC was a different kind of challenge—but a very exciting one. RSA is known for showcasing cutting-edge technologies, but I must say, coming back to Dubai and experiencing GISEC at this scale fills me with pride. This event truly matches international standards. Compared to last year, GISEC 2025 has seen higher visitor turnout and more focused interactions. The arrangements have been seamless, making it easy to connect and engage. Even on the third day, the energy feels like day one. What did EVAD showcase at GISEC Global 2025? This is our first year exhibiting at GISEC, although we've been part of other events like GITEX in the past. Choosing GISEC this year was the right move—its cybersecurity focus aligns perfectly with our position as a value-added distributor in the field. The audience here knows what they want, and that made it easier to present our offerings. At I(VAD), we believe cybersecurity isn't just a product to sell—it's a story to tell. We've focused on storytelling to help customers understand their needs and how our solutions fit. The cybersecurity distribution space is growing fast. How do you view this evolution and competition? Competition is intense, but I don't see other distributors as competitors. I see them as partners in building a stronger cybersecurity community. If one distributor grows, it benefits the entire ecosystem. For example, where EVAD is strong—like the UAE, Saudi Arabia, or even Kenya—we help others gain ground, and vice versa. This shared growth enriches the community. It's about collaboration, not combat. Our collective goal should be to raise awareness and understanding of cybersecurity together. That's an inspiring perspective. How do you foster this mindset across the cybersecurity community? We need to stop operating in silos. I had a recent experience at our booth where a client arrived with a distributor. The moment I introduced myself, the distributor said they couldn't engage as they were from a competing firm. I told them, 'Let's collaborate. If I can't close the deal, maybe you will. Or maybe we do it together.' That mindset shift—from competition to cooperation—is key. If your competitor is doing well, don't pull them down—rise to their level. Together, we can build a safer ecosystem. What challenges still exist in making cybersecurity more relatable? The issue is that people outside the cybersecurity world still see us as a cost rather than a safeguard. That's because the domain is complex and often poorly understood. To change this perception, we need more storytellers. 'We must humanise cybersecurity through storytelling—explain it in ways that resonate with real business needs. Once we do that, understanding and investment will follow naturally.'
