On April 12, 2024, Palo Alto Networks published a security advisory detailing an actively exploited maximum severity zero-day vulnerability affecting the GlobalProtect feature of PAN-OS. Dubbed CVE-2024-3400, it was assigned the maximum critical severity score of 10.0 through the Common Vulnerability Scoring System (CVSS), meaning the potential for damage was large and the path to exploit was easy for cybercriminals.

It’s Cybersecurity Awareness Month and you know what that means. Pumpkin spice versions of Trustwave Managed Detection and Response (MDR) solutions are now available! Well, not really, but pumpkin spice season is the perfect time to raise awareness about the importance of cybersecurity and ensuring that individuals and organizations are equipped to protect themselves against cyber threats.

I’ve always been captivated by technological revolutions. There’s something exhilarating about witnessing a paradigm shift, a moment when the world is fundamentally altered by innovation. I remember the first time I held an iPhone, realizing that it wasn’t just another phone—it was a device that would redefine communication, connectivity, and even society itself. Similarly, when I first encountered LLMs like ChatGPT, I felt that same spark.

Increasingly targeted ransomware attacks, has cyber professionals on high alert securing their networks and understandably with a single attack being potentially such a massive loss (both in terms of finance, operational disruption as well as brand damage). A company that relies on its data to operate or grow should make setting in place a defense against ransomware a top priority. But we cannot take any protection measure without knowing what ransomware is all about.

With EASM now a critical piece of security operations, it seems like every vendor is jumping into the EASM pool. But not all EASM products are created equal. Companies in adjacent markets, like threat intelligence, are creating attack surface scanning products that are well short of enterprise grade. The shortcomings of these basic EASM products can waste time, erode confidence in security teams, and give an inaccurate picture of organizational risk.

In the last month, the Vanta team launched new features to help you: ‍

Supply chain detection and response (SCDR) is a solution for supply chain incident responders that drives critical issue identification, vendor responsiveness, and time to incident resolution. SCDR solutions provide risk intelligence, AI-driven workflows, and collaboration capabilities to improve the security posture of your organization and your suppliers.

A free phishing-as-a-service (PhaaS) platform named Sniper Dz has assisted in the creation of more than 140,000 phishing sites over the past year, according to researchers at Palo Alto Networks. The service allows unskilled criminals to spin up sophisticated phishing sites that steal credentials or deliver malware.

TDK Electronics is a German manufacturer of electronic components, modules and systems. With more than 23,000 employees spread across 20 development and production sites worldwide, TDK serves a range of industries, including automotive, industrial and consumer electronics, IT and telecommunications.

Managing files and directories is a common task in computing, especially in the Windows PowerShell environment. The Remove-Item in PowerShell is a key cmdlet for deleting files and directories, as well as other types of items in PowerShell. Remove-Item can be used for local file systems as well as other PowerShell providers like the Registry, Certificate Store, and Environment variables.