The healthcare industry's digital transformation has brought unprecedented advancements in patient care. However, it has also introduced new vulnerabilities that put sensitive patient data at risk. Cybersecurity is no longer an option but a critical component of delivering safe and effective care. Threat actors have no compunction about taking advantage of this increased threat surface.

Recently, a client enlisted the support of Trustwave to investigate an unauthorized access incident within its internal cloud-based environment, leading to the deployment of Mallox ransomware by threat actors to its server. A misconfiguration allowed unauthorized individuals to bypass security restrictions. This blog details the initial access method, the tools used to execute their operations, and an analysis of the Mallox ransomware.

This summer ARMO is proud to announce a batch of new features designed to enhance your cloud security posture. We developed groundbreaking capabilities for in-depth vulnerability scanning, simplified vulnerability management with SBOM view, and streamlined network policy generation for two popular CNIs, Calico and Cilium.. We invite you to explore these new features and discover how they can add to your organization’s security. Let’s go.

As the school year officially kicks off, students everywhere are hitting the books. But it’s also time for IT and security teams as well as administrators to get up to speed on the latest cyber threats that may impact their environment. The education sector is a treasure trove of valuable data – from financial and sensitive personal information to intellectual property and raw research data – which makes it an attractive target for threat actors.

There is no doubt that we now live in an AI-driven, automation-powered world. Across industries and markets, leaders and professionals are achieving the utility of AI in their processes. The same applies to Governance, Risk, and Compliance (GRC) management, but when one looks at the actual implementation, the data shows that there's still a long way to go. According to one recent report, only 21% of GRC leaders use AI to perform GRC activities.

As remote work increases, organizations are faced with new cybersecurity challenges. When employees access sensitive company data from various locations and devices, traditional security perimeters dissolve and create potential vulnerabilities. This guide focuses on proactive measures, strategies, best practices, and advanced monitoring solutions to employ when your employees work remotely.

As artificial intelligence (AI) continues to revolutionize various sectors, ensuring it is developed and deployed in alignment with ethical standards and fundamental rights is critical for businesses that use it. The European Union's Artificial Intelligence Act (AI Act), formally adopted on March 13, 2024, addresses this critical necessity by establishing a comprehensive and detailed legal framework for AI systems within the EU.

On August 22, 2024, SonicWall published a security advisory regarding a critical improper access control vulnerability in several SonicWall Firewall models. This vulnerability, identified as CVE-2024-40766, is a flaw in SonicOS, the operating system that powers these firewalls. CVE-2024-40766 allows a remote, unauthenticated attacker to gain unauthorized access to resources and/or cause the firewall to crash under specific conditions.

Supply chain resilience has never been more critical. Recent cyber outages have underscored a harsh reality—supply chains are vulnerable, and disruptions can have far-reaching impacts. But what does it mean to be supply chain resilient, especially in the context of cyber threats? In this post, we will explore lessons learned from recent cyber outages, offering actionable insights for enhancing supply chain resilience.

Snyk Code was the only code security tool shortlisted by developers as an AI tool they’ve been regularly using this past year or are looking forward to using next year in Stack Overflow’s recent 2024 AI Search and Developer Tools survey. This underlines Snyk’s dominance as the favorite AI security tool of both developers and security teams and confirms that Snyk Code is providing immense value to developers.