As cyber threats grow more frequent and sophisticated, the need for vigilant defense is paramount, and cybersecurity is top of mind for organizations nationwide. Understanding the threat landscape and current and future trends is crucial to designing effective security strategies to mitigate risk and keep companies, their employees, and their data safe. The following threat trends are of particular importance, affecting organizations of all sizes.

Over the past several months, AT&T Managed Detection and Response (MTDR) security operations center (SOC) analysts have seen an increase in the usage of phishing emails containing malicious QR codes. In a recent example, a customer that was victimized by a phishing attempt provided the AT&T analysts with an email that was circulated to several of its internal users.

On Wednesday, October 4th 2023, Daniel Stenberg, one of Curl’s core maintainers announced that a forthcoming release of Curl, version 8.4.0, is scheduled to be available on October 11th 2023 at approximately 06:00 UTC. The upcoming release will include fixes for two Curl vulnerabilities that they had discovered. One of these vulnerabilities is rated as having low severity (CVE-2023-38546), whereas the second one is considered high severity (CVE-2023-38545).

On October 4, 2023, the curl project maintainers sent out a pre-notification that curl version 8.4.0, expected to be released on October 11 (around 06:00 UTC), will address what they denote as the most serious vulnerability in recent years. Curl is a de-facto standard in the software business when it comes to web requests, and supports a wide range of communication protocols. Depending on the vulnerability, it could have far reaching implications.

Safeguarding your own personal digital ecosystem is your responsibility. However, the effectiveness of your organization’s cybersecurity measures heavily relies on the collective efforts of every member in your organization. Inspired by the Cybersecurity Awareness Month (CSAM), it serves as a reminder that individual choices can significantly impact overall cybersecurity.

This past month, we released our new suite of tools leveraging the latest in AI and LLMs, Vanta AI, role-based access control (RBAC), 34 new integrations (bringing the total number of integrations shipped in 2023 to over 200!) and more: ‍ ‍

Today we announced Vanta AI, our suite of AI-powered tools to accelerate and simplify security and compliance workflows. With Vanta AI, tasks that were previously impossible to automate can now be performed reliably in minutes, enabling security and compliance teams to prove trust and manage risk more efficiently and confidently than ever before. ‍ From the start, Vanta has been on a mission to secure the internet and protect consumer data.

Today we’re thrilled to announce the launch of Vanta AI, a new suite of tools that brings the power of AI and LLMs to the Vanta platform to help you accelerate compliance, efficiently assess vendor risk, and automate security questionnaires. ‍ AI is transforming the way work gets done, especially when it comes to reducing repetitive tasks.

Most enterprises' critical infrastructure and operational pipelines rely on an intricate web of software, online services, and cloud applications. This level of complexity makes supply chain risk management one of (if not the) biggest challenges for CISOs today. Today, malicious actors choose to exploit software supply chain vulnerabilities rather than just target end users. These SSC attacks have caused some of the most notable cybersecurity incidents and data breaches in recent years.

Splunk has been named #1 SIEM Provider in the Worldwide Security Information and Event Management Market Shares, 2022: The Multitude of SIEMs (doc #US51012523, July 2023). The continued recognition from IDC as a SIEM market Leader is a testament to our commitment to delivering a data-centric, modern solution that delivers data-driven insights for full-breadth visibility for our users.