Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Woes continue at the Internet Archive.

Despite the rapid evolution of security technologies, many SOCs are still weighed down by manual processes and outdated tools. Analysts are burdened with repetitive tasks, inefficient workflows, and disjointed incident response mechanisms. This broken system is leaving SOCs reacting to incidents instead of preventing them. There’s a better way forward.

With sophisticated cyberattacks getting more frequent every day, and regulations around data privacy tightening, businesses across Europe are facing a big challenge: How do you keep your network safe, stay ahead of threats and make sure you're compliant with the latest regulations? Enter the NIS2 Directive — a step up for cybersecurity that demands organizations be ready to face any cyber storm that comes their way.

Code repositories are the primary source of secrets, but GitGuardian data highlights the broader issue of secret sprawl. From code to production, understand how these vulnerabilities expose sensitive data and learn how to enhance your security posture with GitGuardian insights.

Cloud native applications are dominating the tech landscape for modern enterprises. A garden-variety cloud native application consists of microservices deployed in containers orchestrated with Kubernetes, and these microservices interact together via APIs. Netflix, Salesforce, and Atlassian products like Jira and Confluence are all common examples of cloud native applications.

Wallarm’s Security Edge is setting a new standard in API security—far beyond the reach of traditional Content Delivery Networks (CDNs). Let’s get it straight: Security Edge is not just a new addition to the API security market; it’s a disruption. Designed to deliver fast, effective, and advanced API protection where APIs need it, Wallarm’s Security Edge targets what CDNs cannot.

One of the most challenging elements of securing an organization from cyber threats is ensuring that their employees aren’t placing themselves or their colleagues at risk. But as Arctic Wolf’s new Human Risk Behavior Snapshot shows, even security practitioners and IT leaders aren’t always model citizens when it comes to mitigating their own cyber risk.

Ever wonder what lurks in your code that static analysis can’t find? That’s where Dynamic Code Analysis (DCA) comes into play. Unlike static analysis, which inspects code without running it, DCA examines software during execution. For developers, DCA is invaluable because it provides real-time insights into how your code operates under actual conditions.

In early August, Arctic Wolf Labs began observing a marked increase in Fog and Akira ransomware intrusions where initial access to victim environments involved the use of SonicWall SSL VPN accounts. Based on victimology data showing a variety of targeted industries and organization sizes, we assess that the intrusions are likely opportunistic, and the threat actors are not targeting a specific set of industries.

On October 23, 2024, Fortinet published an advisory disclosing an actively exploited vulnerability (CVE-2024-47575) affecting FortiManager and FortiManager Cloud. The critical-severity vulnerability can be exploited on FortiManager instances exposed to the internet via port 541. Successful exploitation could allow a remote, unauthenticated threat actor to execute arbitrary code or commands via specially crafted requests.