SenseOn has detected a large increase in the Lumma Stealer malware targeting customers over the past few months. Unlike traditional malware strains, Lumma Stealer has been leveraging a unique, and increasingly effective, access vector of fake CAPTCHA verification prompts. These deceptive prompts trick users into running malicious commands on their device eventually injecting malicious processes into legitimate programs. This attack vector is expected to become even more prevalent throughout 2025.

On the 18th of November 2024, Palo Alto published advisories disclosing two vulnerabilities affecting the Web Management Interface in PAN-OS. The most critical of these vulnerabilities is CVE-2024-0012 with a severity rating of 9.3. Exploitation of this vulnerability allows a remote, unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges.

DORA’s public consultation period is over. If your organisation deals with the finances of people or other entities based in the EU or provides services to a firm that does, you will want to know how its rule set has changed. We’ve read through the Digital Operational Resilience Act (DORA) documentation and kept up to speed with the latest EU FSI regulation memos. The bottom line is that DORA remains a very demanding regulation with a huge scope.

Based on our reading, the Digital Operational Resilience Act (DORA), is at a fundamental level, a transformative ICT challenge. DORA makes the speed and accuracy of security threat detection and response a board-level concern. Fail to stop, classify and report on cyber incidents accurately and, from 2025 onwards, your organisation could face a fine of 1% of global turnover.

In what feels like 10 minutes, cybersecurity AI and machine learning (ML) have gone from a concept pioneered by a handful of companies, including SenseOn, to a technology that is seemingly everywhere. In a recent SenseOn survey, over 80% of IT teams told us they think that tools that use AI would be the most impactful investment their security operations centre (SOC) could make.

Thanks to ChatGPT, you’ve probably heard a lot about generative AI technology over the last few years. Generative AI is artificial intelligence technology that works by taking input data like a request, processing it through different algorithms, and producing an output based on learned patterns. ChatGPT is a generative AI chatbot. 91% of security teams use generative AI, but 65% don’t fully understand the implications.

In February of 2024, SenseOn was contacted to assist with investigating suspicious activity on a customer’s estate. SenseOn analysts quickly identified a malware infection and identified the variant as SocGholish. This blog will showcase SenseOn’s detection and response capabilities against the malware and a breakdown of SocGholish’s techniques and that of the threat actor observed.

At a high level, security leaders need tools that: a) Efficiently detect and respond to threats. b) Can be managed sustainably. c) Deploy quickly and scale with their organisation. d) Are cost-effective. Large SOCs in a handful of enterprises could do this by deploying point solutions and hiring experts to manage them. For everyone else, is there a more efficient way to deliver on these capabilities than a consolidated cybersecurity platform? If you’ve found one, stop reading now.

In the high-stakes world of cybersecurity, where threats evolve hourly and every endpoint is a potential vulnerability, rapid response can make or break an organisation's defences. A recent customer case study showcases how our Quick Actions feature is enhancing the way organisations handle cybersecurity incidents.

Is there one cybersecurity tool to rule them all? For most companies, the answer is probably yes. A cybersecurity platform combines multiple security capabilities — endpoint security, threat response, event logging, and more—into a single system. There are Swiss Army knife cybersecurity platforms that perform a range of tasks, like extended detection and response (XDR), and platforms with more niche functions.