Our teams are always hard at work improving the TrustCloud platform. Here are this month’s biggest updates. Introducing our ServiceNow integration! This is a bidirectional integration with ServiceNow to pull ticket details into TrustCloud. Teams can create new ServiceNow tasks in TrustCloud and attach ServiceNow links as evidence to your tests. The integration also supports automatic task creation from TrustCloud. Just go to Admin -> Connected Apps, where you can automate task creation.

Building an effective remediation plan is crucial for enhancing security posture, ensuring compliance and minimizing operational risks. Modern attack surfaces with their ever-growing volume of vulnerabilities have only compounded pressures on remediation planning. Yet vulnerability and exposure management teams frequently encounter obstacles that slow down remediation planning, leading to increased risk exposure and potential regulatory penalties.

Latrodectus is a downloader first discovered by Walmart back in October of 2023. The malware became very famous due to its similarities with the famous IcedID malware, not only in the code itself but also the infrastructure, as previously reported by Proofpoint and Team Cymru S2. The malware is usually delivered via email spam campaigns conducted by two specific threat actors: TA577 and TA578.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Oh boy, what a trove for scammers. Really hope plugged before used…

A Rubrik Zero Labs report found that 66% of IT and security leaders report that data growth outpaces their ability to secure data and mitigate risk. Adversaries are noticing, increasing the sophistication of cyberattacks, and leveraging gaps in coverage to target critical data for destruction, theft, or extortion. As the volume of data continues to grow and exacerbate visibility challenges, organizations must find ways to manage and protect their constantly expanding data.

Spyware is a type of malware that can be installed on your device without your knowledge. The main goal of spyware is to spy on you and gather your private information, like passwords or credit card information. Despite spyware being elusive and undetectable at times, you can tell if there is spyware on your laptop by recognizing common signs. Some of these signs include unwanted pop-up ads, slower performance, shorter battery life and redirections on your browser.

In the early days of cybersecurity, implementing a Security Information and Event Management (SIEM) system was akin to constructing a house from scratch. The SIEM was a blank slate, and transforming raw data into actionable insights was a long and arduous journey. It began with the daunting task of ingesting data from various disparate sources and formats. From there, security teams had to craft detections — rules designed to identify malicious or suspicious activity.

Your Domain Name System (DNS) infrastructure enables users to connect to web-based resources by translating everyday language into IP addresses. Imagine going into a restaurant, in the age before the internet, only to find that the staff speaks and the menu is written in a different language from yours. Without some shared communication form, you can’t order dinner, and they can’t give you what you want.

In this article, we outline the main elements of DORA, as well as key recommendations for preparing effectively for this important new regulation.

Read also: A money launderer for the Lazarus hackers arrested in Argentina, US offers $2.5M for the Angler hacker, and more.