Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cato XDR breaks the mold: Now, one platform tackles both security threats and network issues for true SASE convergence.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Social engineering attacks can be very effective and good that someone spotted one but unfortunately for them persistence scored in the end.

With over 50 countries heading to the polls this year, including major economies like the U.S., India and the U.K., 2024, one way or another, will be a defining year with over 4 billion voters – around half the world’s population – participating in the democratic process.

Read also: KuCoin and founders face charges, Tornado Cash dev charged with money laundering, and more.

In 2023, cyber threats increased and diversified, resulting in increased security challenges for organizations around the globe. Meanwhile, AI greatly increased its presence in the realm of cybersecurity, both negatively and positively. 2024 is going to be a year in which advanced AI tools and complex social engineering tactics will further alter the cybersecurity game. In this article, we will focus on the most important cybersecurity threats in 2024.

Learn how Tanium and Microsoft Copilot for Security joined forces to empower SOC teams with real-time, AI-driven security.

Over the past few years, software supply chain security has been top of mind for governments and businesses alike. Following Log4Shell in late 2021, the Biden administration’s National Cybersecurity Strategy started focusing on open source supply chain security. The National Security Agency (NSA) recently released new guidance on securing open source software supply chains.

The US National Institute of Standards and Technology (NIST) has almost completely stopped analyzing new vulnerabilities (CVEs) listed in its National Vulnerability Database (NVD). Through the first six weeks of 2024, NIST analyzed over 3,500 CVEs with only 34 CVEs awaiting analysis.1 Since February 13th, however, nearly half (48%) of the 7,200 CVEs received this year by the NVD are still awaiting analysis.2 The number of CVEs analyzed has dropped nearly 80% to less than 750 CVEs analyzed.

In mid-March, UpGuard welcomed security professionals from APAC, EMEA, India, and the U.S. to participate in the first UpGuard Summit of 2024. This quarter’s event focused on third-party risk management (TPRM), specifically addressing how organizations can scale their TPRM programs to meet their evolving needs and defend their growing attack surfaces.

In the digital age, protecting customer data is a cornerstone of trust and reliability between a company and its consumers. As cyber threats loom larger and data breaches become more frequent, safeguarding sensitive information cannot be ignored. Companies that excel in data protection comply with stringent regulations and gain a competitive edge by building solid relationships with their customers.