Last year, we launched Cato DLP to great success. It was the first DLP engine that could protect data across all enterprise applications without the need for complex, cumbersome DLP rules. Since then, we have been improving the DLP engine and adding key capabilities, including user-defined data types for increased control and integration with Microsoft Information Protection (MIP) to immediately apply sensitivity labels to your DLP policy. Let’s take a closer look.

I feel I need to clarify, for legal reasons, that this is nothing to do with any Harry Potter game. The reference is made because we are dealing with spells and magic, and I mean magic in the literal sense, not a reference to application security – although on some/most days it feels like magic. Time-Of-Check Time-Of-Use (TOCTOU) and Race Conditions? What’s it all about?

We are thrilled to announce we have reached a milestone of 60,000 customer organizations globally, consisting of tens of millions of end users. KnowBe4 is a customer-driven organization. I truly believe that without excellent customer service, we do not exist, which is why I regularly emphasize the importance of fantastic customer service in our daily, organization-wide meetings.

The latest Phishing Activity Trends Report from the Anti-Phishing Working Group (APWG) shows an unrelenting upward trend in the number of phishing attacks per quarter. Despite the alarm that the growth in the number of phishing attacks should generate, this report sheds some light on what seems to be working for cybercriminals if you dig a little deeper. According to the report.

We hear a lot about the cybersecurity skills gap, which the latest research puts at 770,000 open positions in the U.S. and 3.4 million globally. There are lots of reasons why organizations find themselves dealing with a skills deficit – from an actual dearth of qualified talent to internal factors including turnover, lack of budget/competitive wages, limited opportunities for growth and promotion, and lack of training.

We’re thrilled to announce Vanta Workspaces, a new capability in our platform that enables complex organizations with multiple business units to easily customize, manage, and automate compliance at both the business unit and parent organization level in a single Vanta account. With Workspaces, your organization can save time and money, improve your compliance and security posture, and accelerate revenue with the attestations and certifications your end customers require.

Netskope Threat Labs is tracking phishing campaigns abusing InterPlanetary File System (IPFS) to deliver their payloads. From March 1 to April 30, Netskope Threat Labs has seen a 7x increase in traffic to IPFS phishing pages. The attacks have been targeting victims mainly in North America and Asia Pacific across different segments, led by the financial services, banking, and technology sectors. IPFS was first launched in 2014 and has been steadily increasing in popularity since.

The healthcare industry has been struck with a growing number of cyberattacks over the last few months, raising concerns in the healthcare industry and in Washington, D.C. The continued onslaught of attacks has raised the question of how healthcare entities can and should be raising their cyber defenses. One potential tool in a hospital, or any industry's toolbox, can be Trustwave's patent-pending Advanced Continual Threat Hunt (ACTH) platform.

CISA issues a joint advisory on Russia’s Snake malware operation, hackers use ChatGPT lures to spread malware on Facebook, and a new phishing-as-a-service tool appears in the wild.

The rise of low-code/no-code platforms has empowered business professionals to independently address their needs without relying on IT. Now, the integration of generative AI into these platforms further enhances their capabilities and eliminates entry barriers. However, as everyone becomes a developer, concerns about security risks arise.