Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security teams can greatly strengthen their cyber resilience by adopting a left-of-bang strategy.

Last week, T-Mobile disclosed that the personally identifiable information (PII) of 37 million of its past and present customers had been breached in an API attack. They also shared that the attack had been going on since November but was only caught January 5 by T-Mobile’s security team. Coverage of the attack has been swift, far-reaching, and harsh, as this represents T-Mobile’s 8th breach since 2018.

In our new threat briefing report, Forescout’s Vedere Labs analyzes the Royal ransomware threat actor group and encryptor payload, presents threat hunt opportunities for network defenders and shares details of the group’s tactics, techniques, and procedures (TTPs).

In the world of cybersecurity, the spotlight often shines on protecting applications, networks, and individual accounts. Application programming interfaces (APIs), on the other hand, present their own set of challenges to secure. APIs account for a significant portion of internet traffic and handle massive amounts of information from a wide variety of programs and applications; consequently, they make for an appealing target in the eyes of cybercriminals.

In our post-pandemic world, more and more individuals are splitting their time between the corporate office and their home office or working remotely full-time. This shift is blurring the lines between professional and personal cyber hygiene and privacy, which can pose a significant risk to organizations.

With the release of Rubrik Security Cloud (RSC), our global customers can now consolidate management of their Rubrik estate to a single control plane. This significant improvement in management capabilities also allows customers to leverage the power of RSC’s GraphQL (GQL) APIs for their automation and management needs.

In the security domain, various digital certificates get used by businesses to secure their IT environment. But, when it comes to finding the certificate to digitally sign applications, most people need help finding a reliable solution. Due to it, some select the wrong certificate, creating complexities and not fulfilling their requirements. But, there will be no complexities for you, as by reading further, you will understand what type of certificate you need and how to digitally sign.

Torq, the security automation leader, today announced 800% revenue growth and 10X customer growth in its second year of operation in 2022, and hitting the milestone of 1,000,000+ daily security automations. Torq also announced the Torq Advisory Board featuring global cybersecurity visionaries, and the appointment of Paulo Veloso, Vice President of Sales, Americas. Recently, Torq has also released critical industry-leading capabilities with the introduction of Parallel Execution and Torq Insights.

In the world of finance, digital onboarding is becoming increasingly important for neo banks. Neo banking refers to a new generation of digital-only banks that offer a wide range of financial services through mobile apps and online platforms. These banks are typically built on top of existing infrastructure, and they rely heavily on technology to provide a seamless and efficient customer experience. Digital onboarding is the process of registering for and opening a new account with a neo bank.

In recent months, news outlets have reported a surge in double extortion ransomware attacks by Black Basta, a notorious ransomware-as-a-service (RaaS) threat group first identified in early 2022. The actor is sophisticated, often utilizing a unique set of tactics, techniques and procedures (TTPs) to gain a foothold, spread laterally, exfiltrate data and drop ransomware. However, Kroll has observed Black Basta sometimes utilizing similar TTPs across multiple incidents.