With all the issues happening in cybersecurity technology lately, such as CrowdStrike’s software update that caused massive outages worldwide last week, it behooves all organizations to take a serious look at their security stack with an eye toward paring it down to help reduce your threat landscape.

The SocGholish malware, also known as FakeUpdates, has resurfaced with new tactics that leverage the BOINC (Berkeley Open Infrastructure Network Computing Client) platform for nefarious purposes. This sophisticated JavaScript downloader malware is now delivering a remote access trojan, AsyncRAT, and utilizing BOINC in a covert cyberattack campaign. This blog will delve into the specifics of this exploit, the implications for cybersecurity, and measures to mitigate the risks.

Quantum computing is poised to revolutionize the world. From simulating atoms and molecules to mapping and modeling in medicine, the potential use cases are vast and still unfolding. It may seem far on the horizon, but for those in cybersecurity, especially privileged access management, now is the time to start planning.

Keeper Security has once again proven its excellence by winning a group test of leading password managers conducted by Connect in Germany. The comprehensive evaluation, which included nine password managers, saw Keeper emerge as the clear “test winner” for its outstanding security, features and usability. This latest German accolade follows closely behind Keeper’s win in the CHIP Magazine’s Password Manager Test for a second consecutive year.

In today’s hybrid office environments, it can be difficult to know where your most valuable and sensitive content is, who’s accessing it, and how people are using it. That’s why Egnyte focuses on making it simple for IT teams to manage and control a full spectrum of content risks, from accidental data deletion to privacy compliance.

Explore key insights from CodeSecDays 2024 on software supply chain security. Learn about AI in DevSecOps, SLSA frameworks, developer-security collaboration, and secrets management. Discover strategies for a more secure digital future.

Organizations should expect to see phishing attacks exploiting the global IT outage that occurred last Friday, the Business Post reports. I recently wrote my thoughts about the outage that was caused by a faulty CrowdStrike update that was extremely disruptive globally. The outage was caused by a faulty CrowdStrike update that crashed Windows systems, disrupting airlines, banks, hospitals, governments, and businesses around the world.

At Teleport we solve a wide range of problems: letting our customers access their infrastructure remotely without passwords or shared secrets, replacing shared credentials in CI/CD workloads with mTLS, and eliminating the need for VPNs to enable Just-In-Time Access to web apps, cloud consoles, databases, and more. Device trust was the last missing piece in replacing VPNs, as they offer a powerful feature letting customers pin access to specific networks.

The world is becoming more cloud-native every day. Infrastructure spending is estimated to rise by 19.3 percent in 2024, partly driven by ‘new and existing mission-critical workloads.’ Investment and innovation is going hand-in-hand, as new and established businesses race to modernize architecture and provision applications. At the same time, many are demanding hyperscale and high-performance cloud providers to run AI and machine learning services.

Companies constantly face a multitude of threats online. Understandably, there is no way for them to deal with all of the attacks given their limited resources and the time-consuming nature of continuous threat detection and prevention. As such, some threats are prioritized over others, depending on their urgency. This leads to threats being classified as “low-priority”, especially when it comes to brand protection.