Don't worry, I'm not trying to conjure images in your mind of Rod Stewart in his iconic leopard print trousers. Instead, I want to warn you about a cybercrime group that has gained notoriety for attacking VMware ESXi servers since February 2024.

Enterprises today face significant challenges in managing, governing, and securing corporate data. Data moves and is shared more ubiquitously than we likely recognize. Through the use of large language models (LLMs), shared with third-party vendors, or exposed on the dark web, there are blind spots that hinder the security and IT teams’ visibility into where data resides and how and by whom it’s accessed.

You can check your iPhone for viruses by checking for unfamiliar apps, seeing if your data usage has spiked, seeing an unusual number of pop-up ads and noticing if specific apps are draining your battery. A virus is a type of malicious software that can infect any device, like your iPhone, and then replicate itself on your device’s programs or files.

We’re incredibly proud to announce that 1Password has achieved ISO 27001, 27017, 27018, and 27701 certifications.

By Olivia Betts and Adam Price In July 2024, CloudFlare identified that it can take cybercriminals as little as 22 minutes to weaponise a publicly available Proof-of-Concept (PoC) exploit following its release. The IT services management company noted an increase in scanning for disclosed Common and in attempts to weaponise available PoCs across 2023 and 2024.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! I’m sure some of you out are still dealing with the last week’s issue and never want to hear the word CrowdStrike again, well this might have helped.

On July 24, 2024, hacktivist entity USDoD claimed on English-language cybercrime forum BreachForums to have leaked CrowdStrike’s “entire threat actor list.”1 The actor also alleged that they had obtained CrowdStrike’s “entire IOC list” and would release it “soon.” In the announcement, USDoD provided a link to download the alleged threat actor list and provided a sample of data fields, likely in an effort to substantiate their claims.

The continuous threat exposure management (CTEM) model offers tremendous benefits to any organization implementing it.

No, it’s not safe to password-protect PDF files because your files are not guaranteed to be protected from cybercriminals intercepting and gaining unauthorized access to your information. Often, people password-protect a PDF file to protect sensitive information and set permissions on how the PDF file can be used. If you password-protect a PDF file, you can choose whether you want a recipient of the file to view or edit the file.

One of the recent email scams of the past few months is the Geek Squad scam. Similar to other phishing scams, this scam involves cybercriminals impersonating Geek Squad - a trusted tech support team from the American company Best Buy. As we learn more about the Geek Squad scam, including what it is and how to spot and prevent it, you will be able to protect yourself from it and learn techniques to defend yourself against present and future scams.