Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Our teams are always hard at work improving the TrustCloud platform. Here are this month’s biggest updates.

In today’s fast-paced global trade environment, the strategic value of a seaport is no longer determined solely by its geographical location or proximity to industrial hubs. Instead, the ability to leverage advanced technologies to boost operational efficiency and remain competitive is the defining factor. This shift in value is increasingly recognized across the maritime industry, as ports seek innovative digital solutions to manage complex logistics.

One of the most powerful weapons at an attacker’s disposal is the use of specialized tools designed to compromise network security. Mimikatz, BloodHound, and winPEAS are just a few examples of tools that can wreak havoc in your environment if left undetected. In this article, we’ll explore how malicious actors can exploit specialized tools to launch sophisticated attacks.

Cybercriminals are targeting educational institutions, attracted by the vast amount of sensitive data they handle: student and employee personal information, research, and intellectual property. With tight technology budgets and often weak defenses, many of these organizations are easy prey for increasingly complex cyberattacks, putting their reputation and operations at risk.

Our users secure products and services developed by dozens of distributed technical teams. They rely on tools like Detectify to prioritize and triage vulnerability findings onward to development teams to remediate. This process is anything but straightforward, which is why we’re excited to see our users utilize our integration platform in ways that help them work efficiently alongside their tech teams.

Recently, AWS expanded the scope of their AWSCompromisedKeyQuarantine policies (v2 and v3) to include new actions. This policy is used by AWS to lock down access keys that they suspect have been compromised. A common example of this process in action is when AWS automatically applies the quarantine policy to any keys found by scanning public GitHub repositories. This proactive protection mechanism can stop compromises before they happen.

Large Language Models (LLMs) transform how organizations process and analyze vast amounts of data. However, with their increasing capabilities comes heightened concern about LLM security. The OWASP Top 10 for LLMs offers a guideline to address these risks. Originally designed to identify common vulnerabilities in web applications, OWASP has now extended its focus to AI-driven technologies. This is essential as LLMs are prone to unique LLM vulnerabilities that traditional security measures may overlook.

PII (Personally Identifiable Information) refers to data that can directly or indirectly identify an individual, such as names, addresses, or phone numbers. Protecting PII data is critical, as exposure can result in identity theft, financial fraud, or privacy breaches. With businesses collecting vast amounts of PII, proper PII data classification has become essential to safeguarding sensitive information and complying with data protection regulations.