Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

London, UK, September 24th, 2024 – We are thrilled to announce that The Cyber Helpline has emerged victorious at this year’s National Cyber Awards, securing three prestigious awards! For the fourth year in a row, we have been honored as the Not-for-Profit Cyber Award winner, alongside recognition for individual achievements, including the Alan Turing Award (Rory Innes) and the Cyber Student of the Year Award (Alex Hardy).

We're happy to announce two new Veracode Scan products: Veracode Scan for Eclipse and Veracode Scan for Visual Studio. Building on the success and adoption of Veracode Scan in Visual Studio Code, IntelliJ, PyCharm, and Rider, we're releasing versions for Eclipse and Visual Studio. Now the power of Veracode’s outstandingly accurate Static Application Scanning is avaialble two of the most widely used and customer-requested IDE’s.

In the digital landscape, the integration of Artificial Intelligence (AI) into cybercriminal activities has marked the beginning of a new era of threats. The “machine war” has indeed commenced, with AI enhancing the scale and sophistication of cyberattacks. Distributed denial of service (DDoS) attacks, in particular, have become more formidable with AI’s capabilities, presenting significant challenges for cybersecurity defenses.

Microsoft Copilot for Security is a powerful new artificial intelligence tool that can help companies home in on credible cybersecurity threats amid an onslaught of noise. However, significant expertise is required to configure and operate it properly and avoid unnecessary costs. These are a few key takeaways from the webinar, "Getting Started with Microsoft Copilot for Security", presented by Dan Gravelle, Director of Global Solutions Architecture at Trustwave.

The public sector has faced a surge of cyber attacks in recent months, targeting state agencies, schools and local governments, severely affecting operations. Several recently released cyber industry reports show a steady or growing number of ransomware attacks so far in 2024. The examples below are just some of the cyber attacks against public sector organizations this past summer.

HTML smuggling techniques have been around for quite some time. A previous Trustwave SpiderLabs’ blog discussed its use in distributing malware by storing binaries in immutable blob data within JavaScript code that gets decoded on the client-side browser, eventually delivering the payload.

Every step you take, every move you make, some company will be watching you. While user activity monitoring may sound invasive at first, the growing number of insider and external threats makes it compulsory for companies to understand how users interact with their systems. 43% of workers report their employer monitors their online activity, and this percentage rises to 48% for hybrid employees.

In today’s interconnected world, where the digital landscape is constantly evolving, the threats to an organization’s cybersecurity posture are more sophisticated and pervasive than ever before. Relying on traditional, largely prevention-focused cybersecurity tools and approaches is not enough. Cyber attacks are inevitable.

On-demand cyber risk quantification (CRQ) models have the power to assess an organization’s unique risk profile and, subsequently, generate data-driven insights that facilitate informed risk management decisions. The basis of these insights is grounded on a probabilistic approach to event forecasting, which involves simulating thousands of potential cyber scenarios a business may experience over a given period, typically the upcoming year.

The Zenity Labs team has discovered that non-administrator users can modify existing flows that were connected to Einstein by an administrator, influencing Einstein without having the necessary permissions to edit it directly. In doing so, bad actors can easily insert malicious actions into flows that are triggered by business users throughout the enterprise, including phishing attacks, data exfiltration, and more.