Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Elizabeth Harz, CEO of Veriato, sits down with Chris Hughes from Acceleration Economy for an exclusive interview to discuss the evolving landscape of insider risk management.

On July 19, 2024, a flawed update in CrowdStrike Falcon's channel file 291 led to a logic error that caused Windows systems to crash, resulting in widespread BSOD (Blue Screen of Death) incidents. The impact was severe, disrupting critical infrastructure globally, from grounded flights to halted public transit systems. In fact, you’d have to have been living under a rock to have missed this incident.

As data privacy concerns rise globally, regulations like the General Data Protection Regulation (GDPR) in the European Union and the Digital Personal Data Protection (DPDP) Act in India have been established to safeguard personal information. While both frameworks aim to protect individuals’ data, they vary in scope, requirements, and enforcement. In this blog, we’ll explore the similarities and differences between DPDP and GDPR, focusing on key regulatory requirements.

Offensive security and active defense may appear at first glance as contradictory cybersecurity solutions, but when paired, they create complementary and robust protective solutions. Let's take a quick look at what each solution offers before we go into the details. Offensive security involves attempting to identify flaws in an organization before a threat actor has a chance to exploit them.

In today's rapidly evolving cybersecurity landscape and complex compliance mandates, traditional Security Operations Centres (SOCs) are being transformed by the integration of artificial intelligence (AI) and machine learning (ML). At Splunk, we are no strangers to these technologies.

In the previous blog we covered how to use PGP keys for encrypting and decrypting emails on desktop clients like Thunderbird and Outlook. Now, let's take a look on securing your emails without too much hassle using OpenPGP on webmail services like Gmail using the Mailvelope extension for Google Chrome.

Imagine you have a backpack with a granola bar buried at the bottom and a tenacious tiny dog who loves snacks. Even though the dog shouldn’t be able to reach that granola bar stored away carefully, it managed to open a zipper and snoop through the contents to eat the snack. From an IT environment standpoint, Application Programming Interfaces (APIs) are the backpack carrying sensitive – but appealing to attackers – data.

In a security bulletin on February 19, ConnectWise announced critical vulnerabilities (CVE-2024-1708 & CVE-2024-1709) to its on-premises ScreenConnect product (identified and responsibly reported by one of Kroll’s SOC analysts), allowing attackers to takeover an organization’s ScreenConnect. The vulnerability, trivial to exploit, allows anonymous individuals to a create system admin account on publicly exposed instances of the product.

Developers and cybersecurity have an interesting relationship. Developers have no problem with security operations just as long as they’re not involved or adding security doesn’t slow down their development cycle. Thankfully, well-documented security operations — known as DevSecOps — assist with the software development lifecycle (SDLC) and perform mostly invisibly from the developer’s perspective.

As the threat landscape continues to develop, ransomware and data brokerage groups constantly emerge, develop, and disband. Cyjax observed a relatively high level of data-leak site (DLS) emergence in July 2024, with a total of nine new sites. For reference, the highest observed number of ransomware groups that have emerged in a single month is ten (September 2022).