0 Comment
Don’t Be an AI Fool: When AI Belongs in Your Cybersecurity Stack (and When It Doesn’t)
Nearly every vendor today claims to be “AI-powered.” Security leaders are told that machine learning will detect threats faster, reduce workloads, and close skills gaps. Boards ask about AI strategy. Analysts publish optimistic reports. Procurement teams feel pressure to keep up. However, amid the excitement, an important question often gets overlooked: Is this AI actually […]
0 Comment
Can We Trust AI to Make Critical Decisions? Why the Real Question is About How We Trust AI
Artificial intelligence has moved from optional “nice-to-have” to indispensable tool. From support in business workflows to lifesaving applications in health diagnostics and autonomous systems, AI is already deeply embedded in decisions that shape outcomes for individuals, companies, and societies alike. The question many are now asking, as it was during a recent ReadSetCyber discussion, is […]
0 Comment
Cybersecurity Awareness Month Spotlight:
Lessons Learned from the FEMA/CBP Breach TraitWare: Phishing-Resistant, Passwordless MFA for Government Systems October is Cybersecurity Awareness Month, a time to reflect on recent breaches and the lessons they teach us. Just this June, FEMA and CBP suffered a major compromise when attackers exploited stolen login credentials to access FEMA’s Citrix Virtual Desktop Infrastructure. The […]
0 Comment
FBI Issues Salesforce Data Breach Alert: Protect Against OAuth Attacks
How Modern Cyber Attacks Exploit OAuth, APIs, and Human Error (and What Companies Can Do About It). On September 12, 2025, the FBI issued FLASH-20250912-001, calling urgent attention to a wave of data theft and extortion attacks targeting Salesforce environments. Two major cybercriminal groups – UNC6040 and UNC6395 – are leading the charge. They employ […]
0 Comment
Downgrade Attacks: When Even Strong Authentication Can Be Tricked
FIDO-based passkeys (like hardware keys, biometrics, or “passwordless” logins) are considered one of the best ways to protect accounts from phishing and takeover threats. They’re strong because they don’t rely on passwords or codes that can be easily stolen. But researchers at Proofpoint have found a new trick called a “downgrade attack.” Here’s how it […]
0 Comment
Simplicity Wins
The Criticality of Reducing Complexity in Cybersecurity For decades, the cybersecurity industry has been building increasingly sophisticated security architectures in an effort to keep up with the burgeoning business of cybercrime. The problem is … Well, it’s complicated! The complexity — of our approach AND our solutions — is arguably the biggest issue in Cyber […]
0 Comment
2FA is Not MFA: The Distinction Matters More than Ever
In the world of cybersecurity, experts talk a lot about Multi-Factor Authentication (MFA) as the #1 basic requirement for all Enterprises. Companies have a tendency to think of Two-Factor Authentication (2FA) as the same as MFA. But the Truth Is: 2FA is not MFA, and treating them as interchangeable is a dangerous misconception—especially for businesses […]
0 Comment
When Cybersecurity Gets Personal
I was a Victim of the Change Healthcare Breach -By Herbert Spencer – TraitWare Sometimes it’s frustrating being an innovator in cybersecurity. A few days ago, I received a letter from Change Healthcare, notifying me that my personal information had likely been compromised in a recent data breach – the one that affected millions of […]
0 Comment
The CDK Global Data Breach
A Worldwide Wake-Up Call Last week, automotive software-as-a-service (SaaS) provider CDK Global reported a Data Breach that has had ongoing catastrophic effects on the company, its customers, and consumers. While the event has devastated the dealerships, the story is a worldwide wake-up call for all. What happened? What are the effects? What can affected companies […]
0 Comment
Secure by Design
TraitWare Signs the Secure by Design Pledge, Joining in CISA’s Quest for Strong Security for All. In April 2023, CISA launched the Secure by Design initiative with the participation of other national and international organizations. This attempts to shift the responsibility of security from the consumer to the technology manufacturer. As part of their ongoing […]
0 Comment
Enterprise Cybersecurity: Practice vs. Risk
Are We Getting It Wrong? Due to the rising severity and frequency of cyber-attacks, Enterprise spending on cybersecurity is also rising worldwide. But debate is heating around which security methods we should employ. Where are organizations focusing their efforts, and where is the most risk? According to experts, companies may not be getting their priorities […]
0 Comment
Should Governments Require Stronger Security?
Rising cyber threats and incidents of cyber-attack across the globe have many calling for federal intervention to protect our digital valuables. What’s Happening … In recent news, the United Health Group (UHG) paid a $22 million ransom to the BlackCat ransomware gang for a late February cyber-attack on subsidiary Change Healthcare. The attack, which was […]