Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers the UK-based winter fuel payment scams, a China-linked telecom hack targeting US politicians, and a new Google Chrome flaw exploited by Lazarus.

The retail industry’s digital transformation has made secure APIs essential to modern operations since they are at the core of this shift. APIs power everything from e-commerce platforms and mobile shopping apps to inventory management, point-of-sale systems, and personalized customer experiences. They help retailers stay agile in a fast-paced market by enabling seamless data exchange and streamlining processes.

Read also: Global joint operation takes down RedLine and Meta malware infrastructure, a former Disney employee charged for hacking menus, and more.

This week, Gartner released its 2024 Gartner Critical Capabilities Report for Endpoint Protection Platforms (EPP) as a companion to last month’s 2024 Gartner Magic Quadrant for Endpoint Protection Platforms. We’re proud to share that CrowdStrike received the highest score in both the Core Endpoint Protection and Managed Security Services Use Cases in the 2024 Gartner Critical Capabilities Report for Endpoint Protection Platforms for the second consecutive time.

Secure Sockets Layer (SSL) certificates are digital certificates that authenticate a website’s identity and encrypt the connection between a web browser and a web server. An SSL certificate is added to an organization’s website to make sure online transactions are secure and customer information remains private.

Attack vectors and attack surfaces are both critical concepts in cybersecurity, closely related yet distinct in their roles and implications. Understanding the similarities and differences between them is key to developing robust security strategies. This article will detail what both concepts involve, why they’re crucial, and methods your organization can conduct to enhance its current security posture.

With AI moving faster than ever, businesses are embracing GenAI and Agentic AI to supercharge their development processes, enabling both technical and non-technical users to build, innovate, and automate. However, the need for security in this space has never been more critical. That’s where Zenity comes in and why I’m so excited to join the company, especially at a time of immense growth and expansion given our recent Series B funding.

CISO is a high-profile position with high expectations – and the impact clock starts ticking day 1. At Cato, we’ve had thousands of conversations with CISOs from companies of all sizes across different industries – learning about what works, what doesn’t, and the strategies that boost proactive, visionary leadership. This blog post, along with the eBook 30-60-90 Day CISO: Mastering the IT Security Game, is rooted in that collective wisdom.

We’re excited to share that Tines has been named a Leader and Outperformer in GigaOm’s Radar Report for Security Orchestration, Automation and Response (SOAR). We were the only vendor to secure scores of 4 (superior) or 5 (exceptional) in all evaluated categories, including key features, emerging technologies, and critical business criteria. Tines also earned Outperformer status based on our high rate of delivery in the last year, high release cadence, and strong roadmap for the upcoming year.