Data breaches and external threats are concerns for any security professional, but the most catastrophic security vulnerabilities often originate from malicious insider threats. This is not just an issue, it’s a pressing and immediate concern that demands our utmost attention. Here, we identify how to spot a malicious insider and provide proven strategies for preventing insider threats with technology-based solutions to protect your organization.

Our latest Phishing Threat Trends Report gives a comprehensive oversight into the types of phishing attacks and tactics organizations are facing so far in 2024, from the rise of ‘quishing’ and AI-powered phishing campaigns to the multi-channel approach. In this blog, we look at the key findings from the report, the industries and demographics most at risk, and the evolution of payloads from 2021 to date.

Supply chain cybersecurity and resilience have become pivotal across various cyber regulations, most notably NIS2 and DORA. In this blog, stemming from our latest ebook '5 Proven Strategies to Maximize Supply Chain Cyber Risk Management’, we will explore the reasons why resilience is a new mandate for CISOs today and, most importantly, how to secure the supply chain at scale—in line with evolving regulatory requirements.

New advancements in generative AI voice cloning come at a time when banks are looking for additional ways to authenticate their customers – and they’re choosing your voice. Banks adopted the principles of multi-factor authentication years ago. But continued cyber attacks aimed at providing SIM swapping services have increased the risk of assuming the credential owner actually possesses the mobile device. So, where do they go next to prove you’re you? Voiceprint.

By now, you have probably heard about the recently discovered backdoor into versions 5.6.0 and 5.6.1 of the tarballs of the xz utilities, a popular compression/decompression library for xz files, which provides unauthorized remote access under certain conditions. This vulnerability was reported under CVE-2024-3094. Andres Freund, of Microsoft, who discovered the vulnerability, summarized it well.

In any system, it’s important to know who is trying to gain access, whether successful or not. This is especially important when trying to keep something secure, like a network or confidential data. Ensure ‘Audit Credential Validation’ is set to ‘Success and Failure' keeps track of attempts to access a system, whether successful or not, using specific credentials, such as a username and password, and logs it.

What is ASM, sometimes called EASM? A simple definition of External Attack Surface Management (ASM or EASM) is the process of defining and securing your organization from the outside-in. Your organization’s attack surface is made up of all the assets belonging to your organization, all of your vendor-managed assets, Cloud and SaaS assets, and all of their external third-party, fourth-party, and Nth-party connections that are visible to an outsider.

When looking for sensitive information and other valuable assets, attackers rarely access their target directly. Instead, they find vulnerabilities in other components and use them to weave through the system and escalate privileges where they can. Because containers add a layer of complexity to already large and complex applications, the attack surface is increased, giving threat actors more to work with.

Read also: An international operation dismantles a massive phishing platform, the Firebird RAT developers arrested, and more.

LastPass has warned that one of its employees was targeted by a social engineering attack that used an audio deepfake that impersonated the company’s CEO. Fortunately, the employee grew suspicious and avoided falling for the attack. Mike Kosak, Senior Principal Intelligence Analyst at LastPass, explained in a blog post, “In our case, an employee received a series of calls, texts, and at least one voicemail featuring an audio deepfake from a threat actor impersonating our CEO via WhatsApp.