The cybersecurity industry is always evolving. Whether new solutions arrive because of advances in technology, emerging threats, or changing security needs, every few years a new platform — and often acronym — joins the market. Extended detection and response (XDR) is one of those solutions that has gained momentum from buyers and taken over many security conversations in recent years.

Threat actors often employ stealthy attack techniques to elude detection and stay under the defender’s radar. One way they do so is by using uncommon programming languages to develop malware. Using an uncommon programming language to develop malware provides several benefits, including: Netskope recently analyzed a malicious backdoor written in Nim, which is a relatively new programming language.

Organizations often create multiple IT policies for a variety of needs: disaster recovery, data classification, data privacy, risk assessment, risk management and so on. These documents are usually interconnected and provide a framework for the company to set values to guide decision-making and responses. Organizations also need an information security policy (InfoSec policy). It provides controls and procedures that help ensure that employees will work with IT assets appropriately.

There is every reason to believe that 2024 will be an interesting year in the cybersecurity space, making it difficult to foresee what might transpire. However, Trustwave’s leadership is up to the task. In Trustwave 2024 Predictions Part 1, we looked at what might hold in store for the upcoming US election cycle and AI.

Recently, we noticed another strain of Instagram “Copyright Infringement” phishing emails in our spam traps. In this version, in addition to targeting Instagram credentials, the cybercriminals also aim to obtain the victim’s Instagram backup codes. This campaign is an enhanced version of what we reported on the SpiderLabs blog titled “Insta-Phish-A-Gram”.

Tech scams are continuing to grow in scale and damage. According to CBS News, Americans have reported over $2.7 billion in losses to tech scams from social media alone. Further losses are being accrued through other sources, too, of course; but with that figure coming from one source, alone, the scale of the problem is laid out quite clearly. As more of the nation moves to a digital-first footing, these attacks are only likely to increase in volume, and scale, too.

Since announcing Charlotte AI, we’ve engaged with many customers to show how this transformational technology will unlock greater speed and value for security teams and expand their arsenal in the fight against modern adversaries. Customer reception has been overwhelmingly positive as organizations see how Charlotte AI will make their teams faster, more productive and learn new skills, which is critical to beat the adversaries in the emerging generative AI arms race.

In an era where knowledge and creativity are the cornerstones of progress, intellectual property (IP) is not just a legal asset but the very lifeblood that sustains business innovation, competitiveness, and growth. However, as we march deeper into the digital age, the specter of intellectual property theft looms larger than ever, posing a formidable challenge to industries worldwide.

At the recent Tripwire Energy and NERC Compliance Working Group, we held a session to demonstrate some tips and tricks to make the latest Tripwire State Analyzer (TSA) work better for your organization. The newest State Analyzer version is 1.5.2, which offers features that align it with most of the latest systems and practices. It also includes improvements with its integration with Tripwire Enterprise (TE).

During the Converge 2023 event, Matt Quinn, the CTO of Tanium, discussed the company's progress over the past year and announced the development of Autonomous Endpoint Management (AEM)