Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The intersection of identity, endpoint, and network security is becoming increasingly self-evident. Despite all their efforts, modern organizations continue to struggle to safeguard their data and prevent unauthorized access. The Verizon Data Breach Investigations report for 2024 continues to highlight that human elements were a component of 68% of breaches.

With the threat landscape being on the rise, CISOs need to be much more attentive while building the organization’s security strategy. Constantly arising vulnerabilities, ransomware attacks, critical workflows, outages – all of that require CISOs to stay up to date to security issues and keep their finger on the pulse to change their security strategy once the prerequisites pop up. We’ve been tracking GitHub, GitLab, and Atlassian -related incidents for the latest few years…

It’s time to ‘Have Your Say’ on the future of cybersecurity regulations in the European Union. The draft implementing regulation for the NIS2 Directive is now open for public feedback through the ‘Have Your Say’ portal until July 25, 2024. This consultation period allows stakeholders to contribute to refining the regulation, with all feedback shaping the final regulations.

We're gearing up with some seriously cool stuff for Black Hat! But first, a little sneak peek - not just one, but TWO of Wallarm's open-source tools will be featured in the Arsenal showcase at Black Hat USA this year. Black Hat Arsenal unites researchers and the open-source community to display their newest open-source tools and products, allowing presenters to engage directly with attendees. Its schedule is now live, so save the date to watch presentations of API Firewall and GoTestWAF.

Earlier today, CrowdStrike released a new update on their Falcon Sensor product. Unfortunately, the update caused technical issues, resulting in major outages globally to Microsoft Windows machines. The issue caused the “Blue Screen of Death” and several reports worldwide stated that several industries were affected, such as airlines, banks, media, etc. According to CrowdStrike Tech Alert, they are already aware of reports of crashes on Windows hosts related to the CrowdStrike Sensors.

On Wednesday night, the Indian cryptocurrency platform WazirX experienced a significant cyberattack, resulting in the theft of at least $230 million worth of cryptocurrency. The breach was first detected by several blockchain security companies, including Elliptic, Arkham, and BlockSec. These firms observed large amounts of digital coins being siphoned out of WazirX before the platform acknowledged the security breach.

In today's digital landscape, stealer logs have become a significant threat, targeting sensitive information and compromising security. At Foresiet Threat Intelligence Team, we continuously monitor and analyze these threats to help protect individuals and organizations. Here are the top 5 stealer logs currently affecting users.

Mobile devices are now an integral part of the way we work, and because of that, mobile security has become a necessity when it comes to protecting an organization’s data. Yet with many IT and security teams already stretched to the limit, the task of incorporating mobile security into their existing operations may seem like an impossible task.

When it comes to how employees get work done, personal devices are an ever-growing part of the equation. The 2023 Lookout State of Remote Work Security Report found that 92% of remote workers have performed work tasks on their personal mobile devices. While putting security controls on employer-owned devices is a no-brainer, the increasing overlap of personal with professional means that organizations need to think about how to secure employee-owned devices that are being used for work.