In an era of rapid technological advancements, healthcare organizations are always looking for ways to become more productive and more efficient. In this quest, they are increasingly turning to citizen development and Generative AI tools to streamline processes and drive innovation. Citizen development empowers non-technical employees to create their own applications and automations, thereby enhancing operational efficiency.

Cloud-native and analytic solutions provider Sumo Logic has announced a cybersecurity incident stemming from a compromised AWS account. Sumo’s clients come from various industries, including airlines and video game franchises. On November 7th, they posted a breach notice to their website; they stopped the attack before the data could be unencrypted.

Philadelphia, PA, November 9, 2023 – Leading cyber risk management and threat intelligence provider Outpost24 today announced the release of Threat Explorer, an advanced vulnerability intelligence and custom alerting tool for continuous threat monitoring.

CrowdStrike Counter Adversary Operations has been investigating a series of cyberattacks and strategic web compromise (SWC) operations targeting organizations in the transportation, logistics and technology sectors that occurred in October 2023. Based on a detailed examination of the malicious tooling used in these attacks, along with additional reporting and industry reports, CrowdStrike Intelligence attributes this activity to the IMPERIAL KITTEN adversary.

KnowBe4 is proud to be recognized by TrustRadius for our Security Awareness Training and PhishER platforms in three categories for Best Value for Price, Best Relationship and Best Feature Set. The Best of Awards highlight products providing customers with outstanding ROI, customer satisfaction, performance, reviews, and more. To win a Best of Award, each organization had to receive 10 TrustRadius reviews between January 1 and September 30, 2023.

On July 14, CISA published an industrial control system (ICS) advisory about two new critical vulnerabilities affecting Rockwell Automation ControlLogix communication modules: CVE-2023-3595 and CVE-2023-3596. CISA and Rockwell Automation recommended that asset owners patch vulnerable devices and add controls such as segmenting networks and using network intrusion detection.

You’ve probably heard of a few password management options, like 1Password (👋), Dashlane, and LastPass – but what do they all do?

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Quite a strange and serious concern if funds are just leaking don’t you think?

Traditionally Hacktivists were thought of as ideologically motivated threat actors, unaffiliated with nation-states. However recently according the Cyberint research, the lines have blurred. There are now several Hacktivist groups who align with specific nation-states. One example is the KillNet Hacktivist Group. KillNet is a hacktivist group aligned with Russia, who gained significant attention at the onset of the Russia-Ukraine conflict.