Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

January 2024

Elevating Cloud Security With Well-Architected Practices

It’s said that life truly begins when you step out of your comfort zone. Living in California provides me with many options for hiking and trekking, a perfect backdrop for spending time with nature and enjoying it with friends and family. As a hiking and nature enthusiast, I have done many moderately challenging trails in and around the Bay Area – my comfort zone.

Ransomware's PLAYing a Broken Game

The Play ransomware group is one of the most successful ransomware syndicates today. All it takes is a quick peek with a disassembler to know why this group has become infamous. This is because reverse engineering the malware would be a Sisyphean task full of anti-analysis techniques. That said, it might come as a surprise that the malware crashes quite frequently when running.

GenAI's Role in Upskilling to Close the Cybersecurity Skills Gap

The cybersecurity industry has a major people problem: it doesn’t have enough of them. The global shortage of more than 4 million cybersecurity workers isn’t a new phenomenon, but as digital and cloud initiatives accelerate, the effects are even more profound. This is especially true in the identity security domain.

EP 44 - The Rise of Prompt Engineering: How AI Fuels Script Kiddies

In this episode of Trust Issues, CyberArk’s resident Technical Evangelist, White Hat Hacker and Transhuman Len Noe joins host David Puner for a discussion about the emerging threat of AI kiddies, a term that describes novice attackers using large language models (LLMs) and chatbots to launch cyberattacks without any coding skills.

Why Identity Security Requires More Than ITDR

Identity Threat Detection and Response (ITDR) is one of many aspects of an effective identity security program. Yet despite what some detection and response-focused vendors may argue, ITDR is not a silver-bullet solution to prevent identity-centric attacks. Such a thing doesn’t exist. In fact, modern data breaches, industry analyst perspectives and compliance requirements make it crystal clear that organizations need more than ITDR to build an identity security program.

3 Things About 2023's Threat Landscape That Shapes My 2024 CIO POV

2023 was a tumultuous year that drove technology transformations at a pace unknown. The industry saw an accelerated and unrivaled pace of technology adoption, persistent yet evolving challenges and unparalleled market dynamics around the world. The following are the top three trends from last year that influenced my thinking as a CIO at the top of 2024.

EP 43 - Breaking Things in the Name of Cyber Resilience

Guest Dr. Magda Chelly, Managing Director and CISO of Responsible Cyber, joins Trust Issues host David Puner for a conversation about third-party risk management and cyber resilience. Dr. Chelly underscores the imperative of prioritizing identity management, particularly as decentralized work environments are becoming the norm in today’s evolving digital landscape.

Securing High-Risk Access with Reimagined PAM Controls: A Customer Story

My team and I were on a call with a customer who saw a critical need to secure access to his company’s cloud service provider (CSP) containers. Our conversation comes to mind often, because it reflects the fast-evolving nature of privileged access and what it takes to secure it in today’s complex IT environment. As we spoke, the customer stood out to me as a forward-thinking leader. His job: protect and enable an enterprise that is no stranger to the cloud.

CyberArk Labs' 2023 Threat Research Highlights

Throughout an eventful 2023, CyberArk Labs remained focused on uncovering emerging cyberattack patterns and producing threat research aimed at helping organizations strengthen their identity security defenses. We covered a lot of ground this year and had the opportunity to share our findings at events around the world. Today, we’re revisiting some notable threat research projects from 2023.