Latest News

CIS Control 09: Email and Web Browser Protections

Web browsers and email clients are used to interact with external and internal assets. Both applications can be used as a point of entry within an organization. Users of these applications can be manipulated using social engineering attacks. A successful social engineering attack needs to convince users to interact with malicious content. A successful attack could give an attacker an entry point within an organization. CIS Control 9 provides several safeguards to ensure the safety of external information.

A New Chapter for Bitsight: Welcoming Cybersixgill & Cyber Threat Intelligence

Today, I am thrilled to announce the official closing of Bitsight’s acquisition of Cybersixgill, a leading provider of cyber threat intelligence solutions. This is not only a pivotal step in our long-term vision—it’s a reinforcement of our promise to help each and every one of our customers to make smarter, faster risk decisions. Bitsight was founded on the belief that cyber risk is not binary.

The Ultralytics Supply Chain Attack: Connecting the Dots with GitGuardian's Public Monitoring Data

On December 4, 2024, the Ultralytics Python module was backdoored to deploy a cryptominer. Using GitGuardian’s data, we reconstructed deleted commits, connecting the dots with the initial analysis. This investigation highlights the value of GitGuardian’s data in understanding supply chain attacks.

How to Run PowerShell on Remote Computers

PowerShell is a great scripting and automation tool — and it also enables administrators to execute commands and scripts on remote computers as if they were sitting in front of them. Indeed, early in the history of PowerShell, Microsoft added support for cmdlets to run on remote systems with the -ComputerName parameter.

Challenges with Data Security Posture Management (DSPM)

While Data Security Posture Management (DSPM) is a powerful approach for discovering, monitoring, and managing sensitive data across complex systems, it is not without its challenges. These hurdles often stem from the complexity of modern data environments, evolving threats, and operational constraints. Below are the primary challenges associated with DSPM.

Alert Fatigue: How Can NDR Help?

Alert fatigue is the burnout and loss of sensitivity to security alerts that results from a deluge of such alerts. Security systems generate a constant flow of alerts in modern network environments, ranging from minor irregularities to severe threats. But not all of these alerts are equally important, and many of them are false positives or low-priority problems.

Corelight delivers static file analysis with YARA integration

Malicious files continue to be a significant threat to organizations; SonicWall reported more than six billion malware attacks in 2023. To help organizations prepare for and stay ahead of these threats, we’re introducing an integration with YARA that offers a deeper level of inspection for files across enterprise networks while helping security teams consolidate their toolset in the process.

Snyk's risk-based approach to prioritization

Vulnerability identification is a key part of application security (AppSec). This process entails tracking and reporting the number of vulnerabilities found and fixed to give stakeholders clear insight into the organization’s security posture. However, identifying and monitoring vulnerabilities using traditional methods can make risk evaluation more difficult.

How CISOs Can Sharpen Their Board Pitch for IAM Buy-In

In a time when 94% of companies have experienced an identity-related breach, many CISOs feel the urgency to strengthen identity and access management (IAM) across their organizations. In fact, a recent survey of CISOs found that identity is the top focus area going into 2025. However, communicating IAM’s value to the board remains a challenge: it isn’t enough for these security leaders to craft effective IAM strategies; they must also secure their board’s support.

Ivanti Patches Multiple Critical-Severity Vulnerabilities in Cloud Services Application

On December 10, 2024, Ivanti released updates for three critical-severity vulnerabilities impacting their Cloud Services Application. By chaining the vulnerabilities together, a threat actor could obtain administrative privileges via authentication bypass (CVE-2024-11639), which could then allow for remote code execution (CVE-2024-11172) and/or SQL injection (CVE-2024-11173).