Healthcare and pharma companies are at the forefront of our most important need as humans: saving lives. To succeed, they require highly skilled staff members, medical equipment, drugs and resources. On top of these, there is another equally crucial component that will determine their ability to perform their jobs: their network. A secure, reliable and high performing network will ensure patient safety, data integrity and operational efficiency.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! I’m sure some of you out are still dealing with the last week’s issue and never want to hear the word CrowdStrike again, well this might have helped.

Most organizations now recognize that even if they have a strong internal security posture, a security lapse by any one of their many third-party vendors or partners can be just as catastrophic to their business as a direct breach. Industry and government regulators are increasingly focused on this topic as well, resulting in a wave of new compliance requirements that extend to third-party risks.

The threat group USDoD posted on a dark web forum on July 24th to claim they’ve got hold of a large database of threat actors compiled by CrowdStrike. So far, the threat actor has released only a small sample of the data, but the forum post below claims that over 250 million records have been exposed. This could provide information on the aliases, recent activities, origins, and motivations of various cybercriminal groups and state-sponsored actors.

One of the recent email scams of the past few months is the Geek Squad scam. Similar to other phishing scams, this scam involves cybercriminals impersonating Geek Squad - a trusted tech support team from the American company Best Buy. As we learn more about the Geek Squad scam, including what it is and how to spot and prevent it, you will be able to protect yourself from it and learn techniques to defend yourself against present and future scams.

Kubernetes stands at the forefront of the container orchestration revolution by becoming most people’s go-to container orchestration platform. While looking at all the features that Kubernetes brings into the picture, you may notice that the platform does not manage its own users.

The continuous threat exposure management (CTEM) model offers tremendous benefits to any organization implementing it.

For the second week in a row, Trustwave proudly announces recognition from the industry analyst firm Gartner. Today, Trustwave is proud to reveal that Gartner has named us as a Representative Vendor in the 2024 Gartner Market Guide for Digital Forensics and Incident Response (DFIR) Retainer Services. This news follows Trustwave's announcement last week stating we were named a Representative Vendor in the 2024 Gartner Market Guide for Managed Detection and Response.

According to Gartner, almost two-thirds of U.S. businesses were directly impacted by a software supply chain attack. So it’s not a question of whether to secure your software supply chain, but rather what is the most effective and efficient way to provide end-to-end security during all phases of the software development lifecycle (SDLC). Download the Ebook.

On July 24, 2024, hacktivist entity USDoD claimed on English-language cybercrime forum BreachForums to have leaked CrowdStrike’s “entire threat actor list.”1 The actor also alleged that they had obtained CrowdStrike’s “entire IOC list” and would release it “soon.” In the announcement, USDoD provided a link to download the alleged threat actor list and provided a sample of data fields, likely in an effort to substantiate their claims.