In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting attack coverage for several new threats, including those discovered via original research by the SafeBreach Labs team. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook to ensure coverage against these advanced threats. Additional details about the threats and our coverage can be seen below.

In an economy where securing data can mean the difference between success and failure, implementing proven data exfiltration prevention strategies is more critical than ever. According to a study conducted by IBM, a data breach can cost global organizations an average of nearly $5 million per incident. In addition to the financial ramifications, data theft can lead to lower customer trust, a loss of future revenue, and even potential lawsuits.

The momentous rise of AI continues, and more and more customers are demanding concrete results from these early implementations. The time has come for tech companies to prove what AI can do beyond adding conversational chat agents to website sidebars. Fortunately, it’s easy to see how cloud data protection has already benefited from advancements in AI and ML. Headline-grabbing large-language models are also making protecting data in the cloud easier to manage across organizations. ‍

Thirty-four percent of state and local government entities were hit by ransomware in 2024, a new report from Sophos has found. While this is a decrease compared to the attack rate in 2023, the mean cost of recovery for these entities has more than doubled to $2.83 million. Seventy-two percent of ransom demands made to state and local government organizations in 2024 were for $1 million or more, with 37% of demands for $5 million or more.

As I sit in the 2024 Seattle Convene conference this week and listen to speaker after speaker talk about their successful security awareness training programs, one thing is perfectly clear. They all prefer carrots and fewer sticks. A question human risk managers frequently ask me is what role negative consequences should play in a successful security awareness training program?

The slow and steady progression of technology has transformed the way we work (and think about work) in so many exciting ways. The past few decades have opened new opportunities to create, automate, and manage just about everything that might exist within the IT ecosystem… but sometimes that progression creates complexity and conflict, as new technology solutions clash with existing standards and operations.

When it comes to hiding dirty money, it’s not just cryptocurrency we have to worry about, according to author, speaker, and investigative journalist Geoff White.

Over the last month there have been some updates about the mysterious 7777 botnet—which was first mentioned in this post in October 2023. Until now, it was known that the botnet was made up of TP-LINK routers and that it was being used to execute very low volume and controlled brute force attacks on Microsoft 365 services targeting corporate accounts. In our continuous efforts to have all sorts of malware families under our radar, the 7777 botnet is no exception.

Software Security is the field mainly concerned with protecting software applications and systems against different threats or risks or the process of defending software applications or systems against various threats, risks, or attacks. It includes the various initiatives, methods, and safeguards to protect the software and data it processes from unauthorized access, alteration, or denial.

In July 2024, Netskope Threat Labs tracked a 2,000-fold increase in traffic to phishing pages delivered through Microsoft Sway. The majority of the credential grabbing pages investigated used “Quishing,” a form of phishing that uses QR code to trick users into accessing a malicious website. The phishing campaigns targeted MS Office credentials, using documents to bait users into logging in.