Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The 2024 Global Digital Trust Insights survey from PwC reports that 36% of businesses have experienced a data breach that cost more than $1 million to remediate. Cyber threats are clearly on the rise and in today’s volatile threat environment, it is a matter of when - not if - a cybersecurity incident will occur. Digital adversaries are becoming more sophisticated and relying on weak links to exploit company applications and infrastructure.

Winston Churchill once famously said, “Those who never change their minds, never change anything.” When it comes to business decisions, the status quo is often the easiest and safest path forward, but is it always the best decision? After Conagra Brands acquired Pinnacle Foods Inc. in late 2018, it faced many difficult decisions in integrating the two companies.

This year, the average cost of a data breach is $4.88 million. Many organizations can’t afford the financial burdens or reputational damage associated with poor data security. Needless to say, in today’s sprawling, cloud-based digital landscape, the risks have never been higher. But have no fear: Data Loss Prevention (DLP) tools can provide CISOs and security analysts with some peace of mind. Read on to learn more about how you can use DLP tools to create an airtight data protection strategy.

In the last few weeks, there have been a few announcements made about a new malware threat known as FrostyGoop or BUSTLEBERM (as it was originally tracked by Mandiant). It is being recognized as the first custom malware to integrate Modbus for the purpose of causing physical damage. An associated incident has been reported where the malware was used to disrupt heating in Ukrainian homes in the context of a Russian cyberattack.

The New York Times had their entire codebase leaked. In this article we explore what was inside that code, how the leak happened and what the risk for the New York Times going forward is. (Spoiler we found thousands of secrets).

This report is the first in a series of blogs that will delve into the deep research the SpiderLabs Threat Intelligence team conducts daily on the major threat actor groups currently operating globally. The information gathered is part of a data repository to help SpiderLabs identify possible intrusions as it conducts threat hunts, vulnerability scans, and other offensive security tasks.

Every program running on a system needs specific permissions to access files, networks and other resources. A process level token acts as an ID for each program determining what it is allowed to do and access on the system. Tokens are critical for certain Windows functionalities, such as Task Scheduler, which uses this privilege to manage processes on behalf of different users.

Any security professional will tell you there’s a simple way to keep data secure: encase it in concrete and toss it in the ocean.

Zero Trust is having a bit of a moment.