Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Threat actors impersonate HR in seasonal phishing campaign, Zloader receives new features and capabilities, and new details emerge about Secret Blizzard.

As company priorities and processes evolve, testing and implementing changes in your workflows is essential, especially for those workflows with a major influence across your business. Should the team push the wrong change live, an alert’s remediation process could be potentially slowed down, or employee information could be revealed to the wrong team.

2024 was a special year for Tines. And a busy one! We introduced 177 (and counting) new product capabilities. We raised an additional $50M from existing investors. And most importantly, our builders – the users of the Tines platform – brought more workflows to life than ever before: solving problems for their teams, and often sharing their learnings with the broader Tines community.

In 2024, phishing threats have become more sophisticated, with cybercriminals leveraging new methods such as quishing and multi-channel attacks. The growing complexity is evident in recent data, with a rise in incidents reported to the ICO in the UK and a 10% increase in complaints, including phishing/spoofing, filed with the FBI's Internet Crime Complaint Center (IC3) in the US.

TikTok Shop is generally safe to buy from, but it’s important to be careful when purchasing from the online marketplace. TikTok Shop is a segment of TikTok that allows you to buy items from your favorite content creators and influencers. The online marketplace launched in the U.S. in September 2023, and approximately 5% of all American consumers purchased a gift from TikTok Shop during the 2023 holiday season, according to Forbes.

At Keeper Security, product innovation is the cornerstone of our mission to empower our customers to protect their credentials, secrets and connections, and to reduce the risk of cyber attacks. In this blog, we take a closer look at some key product and feature releases that made 2024 another transformative year for Keeper. To stay up to date with all product releases and enhancements, view the Keeper Release Notes.

As security leaders, you’re tasked with protecting the crown jewels of our organizations, your data, while balancing innovation, compliance, and ever-evolving threats. Yet, too often, data security strategies rely on isolated tools and reactive measures, leaving critical gaps.

CVE-2024-52875 is an HTTP Response Splitting vulnerability in Kerio Control. This flaw allows an attacker to inject malicious input into HTTP response headers by introducing carriage return (\r) and line feed (\n) characters. Such manipulation can cause the server to send multiple HTTP responses instead of one, leading to various attacks.

According to a recent Gartner report, 88% of boards view cybersecurity as a business risk, not just an IT issue, underscoring the critical need for organizations to adopt robust, scalable frameworks to manage cybersecurity risks. In today’s rapidly evolving threat landscape, frameworks like the NIST Cybersecurity Framework (CSF) are pivotal for safeguarding organizations from vulnerabilities while maintaining alignment with business objectives.

The Securities and Exchange Board of India (SEBI) has raised the bar on cybersecurity with its newly introduced Cybersecurity and Cyber Resilience Framework (CSCRF), effective August 20, 2024. For regulated entities (REs)—including stockbrokers, depositories, asset managers, and alternative investment funds—the framework not only requires compliance but also lays out a clear path toward resilience. These new guidelines require REs to implement VAPT and risk management, among other mandates.