Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Businesses are currently witnessing improvements in cybersecurity capabilities, thanks to advancements in Artificial Intelligence (AI). However, the progress is accompanied by a parallel increase in the threat and sophistication of cyber-attacks, especially when the right event monitoring and threat detection tools are not utilized. Deloitte's latest research on security operations indicates that in 2023, 12.5% of businesses experienced more than one security event.

As organizations increasingly rely on external vendors and enterprise buying patterns continue to decentralize, the challenge of managing risk associated with third parties becomes critical. Unfortunately, even uncovering vendor relationships within an organization can be a struggle, with over 80% of workers admitting to using non-approved SaaS applications. This ‘Shadow IT’ is not only frustrating; it introduces tremendous risk.

AgentTesla is a Windows malware written in.NET, designed to steal sensitive information from the victim's system. It’s considered commodity malware given its accessibility and relatively low cost. Commodity malware poses a significant threat as it enables less sophisticated cybercriminals to conduct various types of cyberattacks without requiring extensive technical knowledge. AgentTesla has been a persistent and widespread threat since its emergence in 2014.

The European Union’s Digital Operational Resilience Act (DORA) is set to go into effect on January 17, 2025, and with it will come new information security and risk management requirements placed on EU financial service providers and their associated critical third-party technology entities.

Ivanti released a patch for a critical vulnerability discovered in Ivanti Endpoint Manager (EPM) that could allow for remote code execution (RCE). This vulnerability is being tracked as CVE-2023-39336 with a CVSS score of 9.6 (Critical), which is not yet actively exploited. All versions of Ivanti EPM prior to Service Update 5 are impacted. Ivanti credits security researcher hir0t for the responsible disclosure.

On January 4, 2024, Ivanti published a security advisory regarding a SQL injection vulnerability in their Endpoint Manager (EPM) solution, CVE-2023-39336. The vulnerability was rated with a CVSS of 9.6, as an attacker with access to the internal network can exploit this vulnerability to execute arbitrary SQL queries without authentication.

As the United States gears up for the 2024 election, the significance of cybersecurity for state and local governments cannot be overstated. In an era where digital threats are increasingly sophisticated, robust cybersecurity measures are essential to protect both the critical election infrastructure and the integrity of elections itself.

The Federal Risk and Authorization Management Program (FedRAMP®) authorization has, for years, been seen as an arduous undertaking only for companies that want to do business with government agencies and their contractors. However, with growing cybersecurity risks, coupled with tightening data privacy regulations across industries, FedRAMP’s fundamental security requirements are becoming best practices for all organizations handling sensitive data.