Agile2024: Making Sure Security Is Part Of Our Processes
What does Agile have to do with improving security? A lot! Explore highlights from Agile2024, including technical health, productive meetings, and addressing shadow IT.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
The Growing Threat of API Attacks and the Need for Advanced Protection
APIs are increasingly becoming the target of choice for attackers. According to the key findings stated in the 2024 Gartner Market Guide for API Protection, "APIs — especially shadow and dormant ones — are causing data breaches among organizations that, on average, exceed the magnitude of other breaches.
EP 58 - Trust and Resilience in the Wake of CrowdStrike's Black Swan
In this episode of Trust Issues, we dig into the recent the global IT outage caused by a CrowdStrike software update, which impacted millions of Microsoft Windows endpoints and disrupted many sectors. This “black swan” event highlights, among other things, the importance of preparedness, adaptability and robust crisis management.
Don't RegreSSH: An Anti-Pavlovian Approach to Celebrity Vulns
Before Crowdstrike caused the world to melt down for a few days, the talk of the security town was a recent OpenSSH vulnerability (CVE-2024-6387). Dubbed by its celebrity name regreSSHion, it is a Remote Code Execution vulnerability in some versions of OpenSSH discovered by the Qualys Threat Research Unit on July 1, 2024. Specifically, versions of OpenSSH compiled against the glibc library, which is to say “probably most of them”, were impacted.
Poseidon Infostealer, DoNex Ransomware, ElDorado Ransomware, and More: Hacker's Playbook Threat Coverage Round-up: July 2024
In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting attack coverage for newly discovered or analyzed threats by the SafeBreach Labs team. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook to ensure coverage against these advanced threats. Additional details about the threats and our coverage can be seen below.
Mastering success: 5 key stages of professional services delivery
In this blog post, Kelsey Sevening, Sr. Manager, Project Management at Tines shares what customers can expect when engaging with our professional services team to help them reach their goals faster. When it comes to investing in professional services, the quality of the experience can vary widely. While some customers might have exceptional experiences and others less so, most find themselves somewhere in the middle.
The Hidden Dangers: A Guide to Mobile Security Threats
Mobile technology has changed how government employees work, and hackers have noticed. Mobile-specific threats are on the rise, with hackers often using mobile devices as a backdoor into the agency’s enterprise network. This video, based on a recent mobile threat report by Lookout, highlights four types of mobile threats that agencies need to be aware of, and offers tips for reducing risk.
DORA and NIS2: How to Ensure Compliance and Enhance Cyber Resilience
In this episode of CISO Conversations: EU Data Regulations, Richard Cassidy, EMEA Field CISO at Rubrik is joined by Jack Poller to discuss the key differences between DORA and NIS2, how they can help enhance resilience against cyber threat, and what steps organizations need to take to ensure compliance.
Eric Capuano - Defender Fridays - July 26, 2024
Joining us for Defender Fridays this week was our Director of Training & Product Enablement, Eric Capuano, who discussed emulating adversaries for training defenders.
Is Ransomware Malware?
Over the past few years, ransomware attack rates and ransom amounts have climbed so significantly that the cyber attack has broken out of the IT and security community to capture headlines around the world. In early May 2021, a suspected Russian hacking group took Colonial Pipeline — which provides 45% of the East Coast’s supply of gasoline, diesel fuel, and jet fuel — offline for more than three days in an attack that made ransomware a household word.