Securing data today requires the context provided by data lineage: where data came from, who interacted with it over time, which systems have used it, and more. But buyer beware: many vendors now claim to offer “data lineage” that only provides a tiny fraction of the context of true, global data lineage.

Halloween-themed spam and phishing emails have surged over the past two months, with a significant increase beginning in October, according to researchers at Bitdefender. “Bitdefender’s telemetry indicates a sharp rise in Halloween-themed spam throughout September and October,” the researchers write. “However, Halloween-themed spam rose 18% percentage points between 1-16 October 2024, compared to the entire month of September.

As generative AI evolves and becomes a mainstream part of cyber attacks, new data reveals that deepfakes are leading the way. Deepfake technology has been around for a number of years, but the AI boom has sparked new attacks, campaigns, and players all trying to use the impersonation technology to rob victims of their credentials, personal details or money. We recently covered multiple deepfake campaigns all perpetrated by a single individual that reached a global level.

Vulnerability management programs attempt to identify and correct software vulnerabilities before they pose a significant threat to an organization’s cybersecurity. To learn more about how to design and implement a vulnerability management program, check out these resources: This article describes the tools that an organization will need to implement an effective vulnerability management program.

Cybersecurity in 2024 has seen a shift toward open, collaborative intelligence sharing across industries. This shift is promising but not yet complete; significant gaps remain in intelligence sharing, especially following cyber incidents. Victim organizations are often hesitant to share attack details due to fears of reputational damage and stigmatization.

With an average of more than 5 data breaches globally a day, it’s clear companies need a way to prevent data loss. This is where a data loss prevention policy comes into play. A data loss prevention policy serves as a crucial safeguard against unauthorized access, data breaches, and compliance violations. This comprehensive framework outlines strategies and procedures to identify, monitor, and protect valuable data assets across an organization’s network, endpoints, and cloud environments.

This post is based on ongoing security research – and will continue to be updated as we get additional information…