Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Nightfall has been named a Leader in Data Loss Prevention (DLP), Sensitive Data Discovery, Data Security, and Cloud Data Security in G2’s Summer ‘24 reports. We’d like to extend a huge thank you to all of Nightfall’s customers and supporters for making this possible. We’re also happy to acknowledge the Nightfall team’s tireless innovation, all in pursuit of helping customers to protect their sensitive data across the sprawling enterprise attack surface.

Transaction monitoring in the realm of Anti-Money Laundering (AML) is a critical process that financial institutions employ to detect and prevent illicit activities such as money laundering, terrorist financing, and fraud. As regulatory scrutiny intensifies globally, the importance of robust transaction monitoring systems cannot be overstated.

OpenSSH, an application installed by default on nearly every Unix-like and Linux system, has recently come under scrutiny due to a critical vulnerability discovered by Qualys. Designated as CVE-2024-6387 and aptly named "regreSSHion," this flaw exposes Linux environments to remote unauthenticated code execution. The implications of this vulnerability are far-reaching, potentially affecting countless servers and infrastructure components across the globe.

Cybersecurity is no longer solely an IT department’s concern; it's a company-wide responsibility. But with busy schedules and overflowing inboxes, getting employees to truly pay attention to cybersecurity training can feel like an uphill battle. Let’s start off with why too many staffers are apt to mentally tap out when taking an awareness course. Now, let’s look at how to design a cybersecurity awareness program that will keep employees engaged and informed.

Welcome to the latest from Corelight Labs! This blog continues our tradition of picking a popular malware family from Any.Run and writing a detector for it! Trending consistently at #1 on Any.Run’s malware trends list, Agent Tesla uses multiple protocols to communicate with its C2 infrastructure, making it more difficult to detect robustly than a malware sample utilizing only one network protocol for its C2.

On June 28, 2024, Juniper released fixes for a critical authentication bypass vulnerability discovered during internal testing, CVE-2024-3937. Juniper has stated that this vulnerability affects only Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance Router products running in high-availability redundant configurations.

On June 25, 2024, Fortra published a security advisory for a vulnerability affecting their FileCatalyst Workflow product. The vulnerability, labelled as CVE-2024-5275, is rated as critical severity due to its low attack complexity and high impact.

Comprehending and effectively addressing cybersecurity threats is paramount to organizational security. As artificial intelligence continues to evolve, how companies respond to cybersecurity threats and how they take proactive steps to mitigate them will factor heavily into profitability, reputation and long-term success.

Mary had a long career in the UK government, working in senior roles in a range of agencies across counter terrorism, national security and law enforcement, including the Independent Police Complaints Commission and the Serious Organised Crime Agency. Her last executive role was as Director General for Crime, Policing and Fire in the Home Office.