Our team has been hard at work creating updates and new features just for you, see what we’ve been up to over the last month.

Most malware security researchers encounter in the wild is written in C or C++. These languages provide low-level system access and control, plus performance, allowing threat actors to create highly efficient and stealthy code. But that doesn’t mean cybercriminals are limited to those two languages. SecurityScorecard recently reverse-engineered the Vjw0rm worm written in JavaScript and the Java-based STRRAT remote access trojan (RAT).

In the past five years, Enterprise Attack Surfaces (EAS) have evolved significantly. EAS refer to the various entry points that cybercriminals can exploit to gain unauthorized access to an organization's digital assets. With the increasing use of cloud-based services, the proliferation of connected devices and the growing reliance on third-party vendors, attack surfaces have become broader, more numerous and more complex.

Cybersecurity is one of the top concerns for organizations. In recent years, and that’s not going to change any time soon – unless, if anything, cybersecurity becomes the top concern. So what can an organization do about the rise in cybersecurity incidents? In this article we’ll take a closer look at security incidents: what they are, the most common types, and how to prevent and mitigate them.

Amazon Security Lake is a new service from Amazon Web Services (AWS) that is designed to help organizations improve their security posture by automating the collection, normalization, and consolidation of security-related log and event data from integrated AWS services and third-party services (Source Partners). By centralizing all the security data in a single location, organizations can gain greater visibility and identify potential threats more quickly.

Cloud Native Application Protection Platforms – or CNAPP solutions – are steadily gaining traction as the best solutions to address Cloud Native security. Regardless of your cloud adoption maturity (whether you’re PoC-ing some services in the cloud, running a few applications, or fully embracing this new era), We’re sure you have likely already noticed that cloud-native security is different from IT-managed data center security. But how exactly is it different?

Designed to support the digital resiliency of financial institutions in the EU and UK, the Digital Operational Resilience Act is set to go in effect in January 2025. In this blog, we take a deep dive into what organizations must do in order to be compliant with this new legislation. Digital resiliency is one of the financial sector's most significant challenges today.