Research shows many companies now own and operate more than 60 disparate security tools, yet breaches continue to make headlines. Throwing more tools at the problem is a tactic that simply doesn’t work and— with trends pointing toward tighter security budgets—may not even be possible anymore. Security leaders are now in a position that requires them to ask tough questions and carefully scrutinize new security tools before pulling the trigger on purchases.

In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting newly added coverage for several recently discovered or analyzed ransomware and malware variants, including Akira ransomware, 8base ransomware, and Rorschach (BabLock) ransomware, amongst others. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook™ to ensure coverage against these advanced threats.

Public transportation payment systems have undergone significant changes over the years. Mobile payment solutions have become increasingly popular, allowing passengers to pay for their fare using smartphones or other mobile devices. This trend is likely to continue in the years to come. But how secure are mobile payment solutions for public transportation?

The SafeBreach Labs team is committed to conducting original research to uncover new threats and ensure our Hacker’s Playbook provides the most comprehensive collection of attacks.

Over the past few years, ransomware has emerged as one of the most significant cybersecurity threats. Recent research conducted by Sophos indicates that the situation is becoming increasingly dire. Notably, the payments demanded by ransomware groups have surged, making the attacks even more costly for victims. Additionally, an alarming 66% of organizations have reported being targeted by ransomware attacks in the last two years alone.

The SafeBreach Labs team is committed to conducting original research to uncover new threats and ensure our Hacker’s Playbook provides the most comprehensive collection of attacks. As part of our recent research efforts, we discovered a vulnerability in the Windows Defender update process that could effectively allow an unprivileged user to take full control of the Windows Defender tool and leverage it for future malicious activities.

Researchers at SafeBreach Labs have recently discovered several novel attack methods which can circumvent common security controls and execute some jaw-dropping malicious actions including: SafeBreach threat researchers have successfully executed and verified each of these attack methods, however none have been used in the wild at this point.

Modern enterprises have adopted more offensive measures to protect their organizations from evolving cyber threats. As a result, many security teams are looking to breach and attack simulation (BAS) and threat intelligence (TI) tools to enhance their programs and work more efficiently.

SafeBreach recently held its second annual Validate Summit at The Star in Frisco, Texas, where SafeBreach customers, cybersecurity experts, and influencers explored how enterprises can stay ahead of risk and safeguard their critical business assets from inevitable cyberattacks by implementing proactive security practices. One hot topic was communicating security risk to the board.

Shifts in the threat landscape have caused cyber insurance providers to rethink how they offer and price their coverage. The result has been stricter underwriting requirements, more exclusions within coverage, and a dramatic increase in premiums. Tougher underwriting requirements have also put pressure on security and risk leaders to more thoroughly validate their security controls as enterprises are applying for, or renewing, their coverage.