Increased ransomware attacks on industrial control systems (ICS), mixed with general ICS insecurity found across the manufacturing sector, has given rise to a guide specifically addressing this risk. Manufacturing has been a target of ransomware for quite some time — I’ve even covered a recent attack focused on credential harvesting.

Not every cybersecurity threat originates outside of the organization. External threats tend to receive more attention, but an IBM report shows that a breach caused by an insider threat can carry an even higher cost. In fact, malicious insider attacks cost an average of $4.99 million despite accounting for just 7% of breaches. That makes them the most expensive breach vector in the report.

Snyk Learn, our developer security education platform, just got better! We have expanded our lesson coverage and created a new learning path that covers the OWASP Top 10 for LLMs and GenAI, and is entirely free! As AI continues to revolutionize industries, ensuring the security of AI-driven systems has never been more critical.

This is the third article in a series about cloud-based attack vectors. Check out our last article about Cloud-Based ransomware! As Identity Access Management (IAM) becomes more complex, it becomes possible for an attacker to exploit the capabilities of legitimate permissions alone or in combination, escalating privileges and gaining potentially devastating levels of access. Because these privileges are legitimate, these attacks can be difficult to detect until the damage is already done.

You may already be using Active Roles to manage privileged access, identity and Active Directory (AD) from a single pane of glass. But now, you can get more. Active Roles release 8.2 is poised to offer multiple new features that support customers who are migrating to the cloud and applying web-based resources during the continuing market evolution. It also introduces enhancements to management within Entra ID.

As a security data nerd I am absolutely spoiled here at Bitsight. So much so that I have to stop myself from doing little projects and requests so I can dive into the “big” stuff1. So it is always refreshing when folks see a piece of research and decide “hey can you give me more information on my little corner of the world.” Then of course and can throw off those notions of “stopping” and just dive back in.

Researchers at ReversingLabs warn that North Korea’s Lazarus Group is targeting software developers with phony job interviews. The threat actors are posing as employees of major financial services firms and send coding assessment tests as part of the interview process. Our team recently recorded a webinar that covers this exact topic, as our cybersecurity experts discuss how we spotted the red flags and stopped it before any damage was done.

The Cato CTRL and Cato Application Security Research teams recently discovered CVE-2023-49559, a directive overload Denial of Service (DoS) vulnerability in the gqlparser library, which is a crucial component in the development and running of GraphQL applications. The vulnerability is of medium severity (CVSS score of 5.3). The gqlparser library is an integrated component of the gqlgen Golang GraphQL server, widely used in web applications to handle GraphQL queries.

Since the rise of the Internet, organizations and individuals have increasingly sought ways to keep their information secure and private. IT has witnessed a changing cyber threat landscape, and businesses have relied more and more on the Internet and data to function. However, the attack landscape widened in the 2010s. With widespread computer worms like Stuxnet in 2010, cybercriminals have gained critical access to organizations through operational technology.

In a time when everything said, whether factual, fake, or AI-created, may be recorded and posted on the internet, it’s more important than ever to ensure that what was recorded accurately represents a point in time. When someone claims you said, “I was Smoking on a flight, watching Star Wars, the best special effects movie of all time,” was that a false claim? Did they include the date and the context?