New insight into ransomware attacks show that cyber attacks are a top concern for organizations – with many not aware they were a victim until after the attack. According to Arctic Wolf’s The State of Cybersecurity: 2024 Trends Report, 91% of reported ransomware attacks included a data exfiltration effort. This is far more than the sub-80% numbers we’ve seen from the Coveware quarterly reports we cover.

Security awareness training (SAT) and simulated phishing works to significantly reduce cybersecurity risk. We have the data, customer testimonials and government recommendations to prove it. Social engineering, especially as enabled by email, text messages, the web and phone calls, is involved in the vast majority of cybersecurity attacks. No other root initial access hacking method comes close.

This month's product updates and enhancements rollup include Issue Auto-Remediation, eTMF – optional artifacts and automatic milestones, and importing credentials from the desktop app for Microsoft Co-editing. Below is a summary of these and other new releases. Visit the articles linked below for more details.

dYdX is a leading decentralized finance protocol that focuses on perpetual derivatives trading. dYdX focuses on investment tools like perpetual futures (a type of derivative that allows traders to speculate on the price of a crypto asset without owning it). The dYdX Chain distributes 100% of protocol fees to DYDX Stakers for bolstering the dYdX Chain’s security. Fireblocks offers secure and efficient access to dYdX’s decentralized exchange features.

Attending industry events is quite possibly one of the most important requirements of running a successful managed service provider (MSP) business. Why? On the one hand, a few days away from the day-to-day grind of running your MSP to instead network with your peers and enjoy some MSP swag seems like the perfect opportunity to unwind while staying connected. On the other (equally as important!) hand is all the great learning going on.

Note: This vulnerability remains under active exploitation, and Kroll experts are investigating. If further details are uncovered by our team, updates will be made to the Kroll Cyber Risk blog. A critical zero-day vulnerability, being tracked as CVE-2024-24919, has been discovered and patched in a number of Check Point products. This vulnerability has a CVSS score of 8.6 assigned by Check Point and is actively being exploited in the wild with proof of concept (POC) exploits available.

One of the biggest SIEM management problems SOC teams face is that they are often overwhelmed by false positives, leading to analyst fatigue and visibility gaps. In addition to that, one of the toughest challenges in security is detecting when SaaS access tokens are compromised without adding to the false positive problem. At Elastic, the InfoSec team tackles both of these issues by automating SIEM alert investigations with tools like Tines.

Whenever a government agency, contractor, or subcontractor wants to work with a cloud service provider, they have to find one that upholds the level of cybersecurity, physical security, and authentication that the government sets as standard. Usually, agencies have two options to do this. They can work with a cloud service provider that is FedRAMP authorized, or they can work with one that is FedRAMP Equivalent.

Vulnerability scanning is a critical component of any robust Offensive Security strategy. When combined with penetration testing and Red Team exercises, they can serve as an early warning system to identify potential security weaknesses and provide an organization with the breathing room needed to implement changes before they are discovered and exploited.