External Attack Surface Management, or EASM, empowers organizations to proactively manage and secure their digital presence in an ever-evolving threat landscape. There are two critical EASM processes that this blog post will cover – Asset Discovery and Attack Surface Mapping.

Some examples of UPS text scams include confirming details about a fake delivery, fake package delivery notifications, fake package delivery fee requests, fraudulent suspicious activity on your UPS account or an error with a delivery. According to the Federal Trade Commission (FTC), in 2023, over $650 million was lost to imposter scams, including UPS text scams. Keep reading to find out what different UPS text scams look like and how you can stay protected against this kind of scam.

If you have ever jailbroken an iOS device, you have likely encountered many things that we will discuss today. Let's start with one of the most commonly used terms that gets thrown around: iOS tweaks. There are plenty of them out there, depending on the needs - whether for fun or profit, simple or complex - ranging from making your lock screen look fancy to running your banking app on a jailbroken device.

Companies constantly face a multitude of threats online. Understandably, there is no way for them to deal with all of the attacks given their limited resources and the time-consuming nature of continuous threat detection and prevention. As such, some threats are prioritized over others, depending on their urgency. This leads to threats being classified as “low-priority”, especially when it comes to brand protection.

Quantum computing is poised to revolutionize the world. From simulating atoms and molecules to mapping and modeling in medicine, the potential use cases are vast and still unfolding. It may seem far on the horizon, but for those in cybersecurity, especially privileged access management, now is the time to start planning.

The shift to AI-integrated software development isn’t just a trend; it's a fundamental change that’s reshaping industries and redefining the future of technology. This shift brings both revolutionary potential and formidable cyber challenges. Cyber challenges that King Charles III even addressed in the proposals of his King’s Speech on July 17. As we plunge into the AI era, we must understand how these changes are unfolding and what they signify for technological advancement.

The Sysdig Threat Research Team (TRT) is on a mission to help secure innovation at cloud speeds. A group of some of the industry’s most elite threat researchers, the Sysdig TRT discovers and educates on the latest cloud-native security threats, vulnerabilities, and attack patterns. We are fiercely passionate about security and committed to the cause. Stay up to date here on the latest insights, trends to monitor, and crucial best practices for securing your cloud-native environments.

On July 8, 2024, Australian Home Affairs Secretary Stephanie Foster issued a series of formal directions under the Protective Security Policy Framework (PSPF) instructing each federal government body to identify and mitigate potential cyber risks amidst rising concerns for foreign interference.

In a recent development, cybersecurity researchers have identified a new Linux variant of the notorious Play ransomware, also known as Balloonfly and PlayCrypt. This variant specifically targets VMware ESXi environments, signaling a strategic expansion by the threat actors behind it. Trend Micro's report published on Friday highlights the potential for a broader victim pool and more effective ransom negotiations as a result of this evolution.

Vulnerability management is a foundational cornerstone for reducing your organization’s cyber risk, but what are vulnerabilities and why is it important to create a strong vulnerability management program?