Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting attack coverage for newly discovered or analyzed threats by the SafeBreach Labs team. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook to ensure coverage against these advanced threats.

CISOs today intersect with all facets of the business, whether that be liaising with network teams to manage performance, or balancing the costs of IT operations to avoid isolation from core business functions. Successful CISOs navigate these intersections by adopting proactive strategies in order to transition from a back-office role and become recognised as valued strategic partners within their organisations.

GitGuardian is pushing its secrets detection engine precision to new heights. We enhanced our detection capabilities with Machine Learning to cut the number of false positives by half. Security and engineering teams will spend significantly less time reviewing and dismissing false alerts.

In a recent cybersecurity incident, tens of thousands of Levi's customers had their accounts compromised following a credential stuffing attack. According to a notice published on the Maine Office of the Attorney General's website, 72,231 individuals were potentially impacted by the breach on June 13. Incident Details On June 13, Levi's detected unusual activity on their website, indicating a credential stuffing attack.

Incident Overview In a significant breach of healthcare data security, the Qilin ransomware gang has leaked 400GB of NHS and patient data on Telegram. The group, identified as the Qilin ransomware gang, claimed responsibility for the exfiltration and demanded a $50 million ransom, threatening to release the data if their demands were not met. Following failed negotiations, the gang followed through on their threat and made the entire dataset public.

The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian data privacy law that governs how private sector organizations collect, use, and disclose personal information when conducting commercial activities. By setting strict requirements for private businesses, PIPEDA ensures that individuals and customers have control over how their data is managed.

The Sansec.io research team warned today that a script from the polyfill.io domain and service, which was purchased earlier this year by a Chinese company named ‘Funnull’, has been modified to introduce malicious code on websites in a supply chain attack. Currently over 100,000 sites could be impacted.

Security teams are drowning in alerts and manual tasks, and the weight of human error hangs heavy. Repetitive tasks lead to fatigue, where overlooked details can have devastating consequences. In a high-stakes environment where misconfigurations, accidentally exposed secrets, and delayed responses spell disaster, security teams desperately need tools to reduce the risk and pressure.

Properly architecting and designing solutions for clean room recovery is a crucial step for any organization looking to become more resilient to cyber threats. Clean rooms provide organizations with an isolated environment where data integrity and recovery processes are insulated from external threats. By providing a clean room environment, organizations can expedite security investigations and recovery timelines in the event of a cyber attack.

We’re thrilled to share that the CrowdStrike Falcon sensor now fully supports Google Cloud Run, bringing advanced security capabilities to your serverless applications. While we announced this at Google Cloud Next in April 2024, this blog goes deeper into the integration and shares how customers leveraging Google Cloud Run and CrowdStrike can deploy Falcon quickly to enhance their serverless security requirements.