In Part 1, the existing global regulations around IoT were introduced. In this part, the challenge of complying with these rules is examined.

ONNX Store targets the financial industry, Boolka delivers the BMANAGER trojan via SQLi attacks, and SneakyChef deploys SpiceRAT and SugarGh0st.

As the NIS2 Directive reshapes the cybersecurity landscape across Europe, a key focus for organisations is understanding and managing their critical suppliers. The directive mandates heightened scrutiny and tighter controls around these essential entities, underscoring their importance in your overall cybersecurity strategy. But the pivotal question remains: How do you determine who qualifies as a 'critical supplier'?

A newly discovered spyware tool named MerkSpy is targeting users in Canada, India, Poland, and the U.S., exploiting a patched security flaw in Microsoft MSHTML. This campaign, identified by Foresiet researchers, highlights the critical need for vigilant cybersecurity practices, including stolen credentials detection, darknet monitoring services, and digital footprint analysis. Attack Overview The attack begins with a Microsoft Word document disguised as a job description for a software engineer.

For the Sysdig Customer Success team, our mission is simple: ensuring that our customers get the most value from our product. Usually that means helping them use the product, answering questions, and requesting feature enhancements. In our line of work, sometimes you have to throw out the usual playbook to make things happen. This particular story started when we noticed a change in a customer’s agent usage.

While the Fourth of July is typically considered a day of celebration for those in the U.S., many don’t realize it’s also a period of heightened risk. In fact, this isn’t unique to the Fourth of July: holidays often see an uptick in cybersecurity threats. With the Fourth of July nearly upon us, let’s examine why this happens and how you can protect yourself and your business.

A widespread ransomware attack has brought thousands of car dealerships across the United States to a halt. The incident, attributed to the BlackSuit ransomware gang, targeted CDK Global, a software provider essential to the operations of numerous car dealerships. This breach underscores the critical need for robust cybersecurity measures such as stolen credentials detection, darknet monitoring services, and digital footprint analysis.

As businesses continue to expand their reliance on cloud security and privileged access management, the imperative to implement least privilege access in a manner both effective and efficient cannot be overstated. Yet, with the increasing complexity of information systems and the proliferation of privileged accounts, manually administering and enforcing the least privilege principle poses substantial challenges.

As organizations increasingly adopt a mix of cloud-based and on-premises systems, they face unique challenges in securing their hybrid infrastructures. Unlike traditional IT setups, where everything is managed within the confines of a single data center, hybrid infrastructures combine the agility of the cloud with the control of on-premises systems. While this blend offers flexibility and scalability, it also introduces security complexity and a broader attack surface.