In 2024, phishing threats have become more sophisticated, with cybercriminals leveraging new methods such as quishing and multi-channel attacks. The growing complexity is evident in recent data, with a rise in incidents reported to the ICO in the UK and a 10% increase in complaints, including phishing/spoofing, filed with the FBI's Internet Crime Complaint Center (IC3) in the US.

2024 was a special year for Tines. And a busy one! We introduced 177 (and counting) new product capabilities. We raised an additional $50M from existing investors. And most importantly, our builders – the users of the Tines platform – brought more workflows to life than ever before: solving problems for their teams, and often sharing their learnings with the broader Tines community.

As company priorities and processes evolve, testing and implementing changes in your workflows is essential, especially for those workflows with a major influence across your business. Should the team push the wrong change live, an alert’s remediation process could be potentially slowed down, or employee information could be revealed to the wrong team.

Threat actors impersonate HR in seasonal phishing campaign, Zloader receives new features and capabilities, and new details emerge about Secret Blizzard.

With the exponential expansion of AI, bad actors are frothing at the mouth. Advanced technology for automating social engineering techniques that previously required technical know-how is now within arm’s reach of anyone with a keyboard. Attempts to exploit and deceive are more common than ever, and they are emptying business’s pockets. In 2023, 800 businesses worldwide reported fraud losses totaling 6.5% of their revenue, amounting to $359 billion.

The rise of Non-Human Identities (NHIs) — think APIs, bots, service accounts, and machine identities — has expanded the attack surface in ways we’re only beginning to understand. NHIs now outnumber human identities in enterprise environments, often by a staggering ratio. While they streamline processes, enable scalability, and facilitate automation, these identities also present significant security risks.

Launched as an internal project by Spotify in 2016, Backstage was released under the Apache 2.0 open source license in 2020 to help other growing engineering teams deal with similar challenges. Backstage aims to provide a consistent developer experience and centralize tools, documentation, and services within a single platform.