We are excited to announce that KnowBe4 has been named a leader in the Fall 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the PhishER platform for the 14th consecutive quarter! The latest G2 Grid Report compares Security Orchestration, Automation, and Response (SOAR) Software vendors based on user reviews, customer satisfaction, popularity and market presence. Based on 318 G2 customer reviews, KnowBe4’s PhishER platform is the top ranked SOAR software.

The second most popular OS in today’s business environment, macOS, is often neglected in cybersecurity discussions. This is likely due to Windows OS holding a dominant share (72.1%) of the global workstation market and Linux (4.03%) running critical parts of IT infrastructure. This often leaves macOS excluded from the conversation.

Most computer systems and applications use passwords as a common authentication method. The simplest way to implement authentication is to store a list of all valid passwords for each user. The downside of this method is that if the list is compromised, the attacker will know all the user passwords. A more common approach is to store the cryptographic hash value of the password phrase.

Context switching can be security’s worst enemy. Today’s security practices require developer buy-in, and when security teams require developers to deviate from their established workflows to address issues, adoption becomes far less likely. To truly empower developers to find and fix vulnerabilities within their code, security teams must shift security even further left. It’s not enough to simply provide user-friendly tools and training around them.

In the ever-evolving landscape of cybersecurity, IT practitioners stand as the first line of defense against an increasingly sophisticated array of threats. Their role in safeguarding critical assets, data, and infrastructure has never been more crucial. But as the complexity and frequency of cyber attacks escalate, these professionals often find themselves overwhelmed by an ever-growing list of responsibilities and tasks.

File hosting services enable business email compromise (BEC) attacks, Mamba 2FA threatens global organizations, and the Dark Angels ransomware group conducts targeted attacks.

Virtual machines (VMs) running on cloud-native platforms like OpenShift Virtualization require robust backup and recovery solutions to avoid downtime and data loss. However, many organizations struggle with the complexities of backing up VMs in hybrid and multi-cloud environments, especially when managing infrastructure at scale.

CVE-2024-23113 is a critical (9.8) Fortinet FortiOS vulnerability allowing remote, unauthenticated attackers to execute arbitrary code or commands using specially crafted requests. The flaw uses an externally-controlled format string vulnerability in the FortiOS fgfmd daemon.

On September 26, 2024, four critical vulnerabilities, CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177, were disclosed in the open-source printing system Common Unix Printing System (CUPS) and its components. Attackers can leverage the remote code execution (RCE) and input validation vulnerabilities as part of an attack chain.