Trust lies at the heart of every relationship, transaction and encounter. Yet in cyberspace—where we work, live, learn and play—trust can become elusive. Since the dawn of the Internet nearly 50 years ago, we’ve witnessed incredible digital transformations paired with increasingly formidable threats. Knowing who and what to trust has become so difficult that the very notion of trust has been flipped on its head.

DevOps has dominated the 21st-century software industry as a powerful methodology for streamlining processes and improving collaboration between development and operations teams. However, as organizations shift towards this model, a critical aspect is often overlooked: security. This led to the advent of DevSecOps, an approach that aims to bridge the gap by integrating security practices into DevOps workflows.

Cyberattacks are getting worse, and traditional security methods are not enough. Businesses now face threats like identity theft and social engineering, making it harder to protect their data. With more employees working remotely and companies moving to cloud-based apps, adopting a Zero Trust approach is more important than ever.

On October 15, 2024, a new Linux variant of the notorious FASTCash malware was uncovered, once again highlighting the vulnerabilities in global banking systems. This malware, attributed to North Korean threat actors, has been responsible for siphoning millions of dollars from ATMs worldwide by compromising interbank payment switches. The latest version targets Linux systems, allowing attackers to manipulate transaction messages and approve fraudulent cash withdrawals.

A secure website is not just an option but a necessity. With businesses increasingly relying on online platforms, the potential risks associated with inadequate website security have never been more important. Cyber threats are rampant, targeting not only businesses but also their customers, making understanding and implementing robust security measures essential for anyone with an online presence.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Big news this week with the Internet Archive under attack…

Insider threats (aka insider risks) have become a growing concern for organizations across industries. These threats come from individuals within an organization who have authorized access to sensitive data and systems but misuse them for personal gain or to cause harm. Many organizations are turning to insider threat software to combat this issue, which helps identify, detect, and mitigate insider threats before they cause significant damage.

For Cybersecurity Awareness Month, we are taking a look at the past, present, and future and looking at key moments from the history of cybersecurity. Because of our past technology, we are able to explore limitless possibillities with technology that shapes how we work, communicate, and consume media.

Welcome back to our Evolution of Scalper Bots series. In our last post, we explored how scalper bots expanded into new markets from 2010 to 2014. We saw the scalper bot industry rise and a technological arms race begin between developers and retailers. As we delve into the period of 2015 to 2017, this battle intensifies. Scalper bots become more sophisticated, retailers implement new countermeasures, and legal challenges emerge.

As digital transformation accelerates, so do the cybersecurity risks, particularly for organisations handling critical infrastructure and sensitive data. To address these challenges, the European Union has updated its cybersecurity regulations with NIS2 (Network and Information Security Directive 2), expanding and strengthening the original NIS Directive, which was established to improve cybersecurity across essential sectors.