A lot goes into deciding what to buy during the holiday shopping season – shipping times, sale prices, and finding the perfect gift for your niece (who is impossible to shop for) are likely to be at the top of your mind. Unfortunately, attackers are counting on that. An attacker’s best friend is urgency and Black Friday kicks off a perfect season for them.

Advanced Persistent Threat (APT) actors have become a significant concern for organizations worldwide, as they pose a substantial threat to sensitive information and critical infrastructure. One such APT actor is the Lazarus Group, also known as Hidden Cobra, which has been active since at least 2009. In this blog, we will delve into the motivation and recent activity of the Lazarus Group, highlighting their tactics, techniques, and procedures (TTPs) and the MITRE ATT&CK techniques they employ.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Oh look, wondered when this lot would end up in the news again …

Read Post

In early 2022, a Yahoo employee, Qian Sang, exploited his access to confidential information, and stole the company’s AdLearn product minutes after receiving a job offer from a competitor. By the time the breach was discovered, the damage was extensive, costing the company millions in fines, legal fees, and lost business . This incident is not an isolated case.

When the title of chief information officer (CIO) first emerged in the early 1980s, it was very different from what it is today. Technology evolution, emerging threats and new realities have shifted the role from simply “keeping the lights on” to strategically “enabling the business” in every way.

As the threat landscape evolves alongside organizations’ move toward digital-first operations and cloud-based applications, part of a robust cybersecurity strategy becomes not just preventing attacks but knowing how best to respond if and when one occurs. That response, specifically digital forensics incident response (DFIR), is the key to mitigating and recovering from a cyber incident.

In the world of Kubernetes, optimizing cluster performance and reliability is paramount, especially when it comes to fundamental operations like DNS lookups. NodeLocal DNSCache is one such solution that helps reduce DNS latency by caching responses locally on each node. While this tool is effective in standard Kubernetes setups, complications arise when integrating it with advanced networking solutions such as eBPF-based dataplanes.

Microsoft 365 is the standard in modern enterprise environments, offering a robust suite of productivity and collaboration tools. With millions of users accessing sensitive data from various devices and locations, security vulnerabilities can arise, making it highly attractive for cybercriminals seeking to exploit and steal valuable data.

The Association of Certified Fraud Examiners (ACFE) recently released a report Occupational Fraud 2024: A Report to the Nations, where they estimated that most organizations lose about 5% of their revenue each year due to fraud. We have joined in our support of International Fraud Awareness Week and applaud the ACFE and their efforts to help raise awareness and reduce fraud that hurts all of us, whether we work for these organizations or are consumers of the goods and services they provide.

In this episode of Trust Issues, host David Puner interviews James Imanian, Senior Director of the U.S. Federal Technology Office at CyberArk. They discuss the critical topic of election security, focusing on the recent 2024 U.S. presidential election. Drawing from his extensive background in cybersecurity including a career in the Navy and a stint at the U.S.