A selection of this week’s more interesting vulnerability disclosures and cyber security news. Patch time for WordPress users (when isn’t it?) using a popular caching plugin…

As the manager of Snyk user documentation for the past three years, I’ve overseen many improvements in our user docs.

Phishing is the most common method for an attacker to gain an initial foothold in an educational organization, according to the just released Trustwave SpiderLabs report 2024 Education Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies. Why phishing? Simplicity is the primary reason.

The integration of ID document readers is transforming the KYC process by providing a swift and accurate method for scanning and authenticating identity documents such as passports and driver’s licenses. This technology enhances operational efficiency, reduces errors, and ensures a higher level of compliance and security across various industries .

Every day, the growing threat landscape presents new challenges for security teams, with threats becoming more diverse and complex. But while teams typically have the tools to gather the intelligence they need, they often run into trouble with the next steps in the process - enriching, prioritizing and responding to this intel.

In today’s rapidly digitalizing world, navigating the nuanced path of holistic identity verification is paramount for businesses aiming to strike the delicate balance between regulatory compliance, fraud prevention, and optimal customer experience. Insights from recent studies highlight the growing awareness and challenges surrounding generative AI technologies and deepfake detection among consumers, signalling an urgent need for advanced verification solutions.

Semgrep is a leading static application security testing (SAST) tool powered by an open-source community for surfacing bugs, discovering vulnerabilities, and enforcing code standards. Semgrep has scanned over 75 million packages, contributed to 2000 community rules, and supports over 30 coding languages. Riscosity is the leading data flow observability and security platform. This is why we’re excited to announce Ricosity’s new integration with Semgrep.

JumpCloud’s MSP partners are at the forefront of providing essential IT services to small and medium-sized businesses globally. In our interview series, we delve into conversations with these partners, exploring the dynamics of their MSPs and how JumpCloud plays a pivotal role in their operations. In today’s feature, we had the opportunity to speak again with Chris McKewon of Xceptional.