Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cicada (also known as Cicada3301) is sophisticated ransomware written in Rust that has claimed more than 20 victims since its discovery in June 2024.

Effective user management allows people to access resources while protecting the security and integrity of data and IT infrastructure. With the rise of remote work and cloud-based applications and infrastructure, user management is a foundational security measure. User management also streamlines the process of creating, controlling, and deleting user accounts, lightening the administrative burden on your IT team.

Incident reporting is a crucial component of maintaining cybersecurity and operational resilience across the European Union. As outlined in Article 23 of the NIS2 Directive entities falling under its scope are required to report “significant incidents” to the CSIRT (Computer Security Incident Response Team or the relevant competent authority without undue delay.

The risk of cyber attacks for companies is increasing and can significantly disrupt their operations, have negative financial consequences and damage their reputation. Small and medium enterprises (SMEs) are especially vulnerable to these attacks due to limited resources and a lack of cyber security expertise. Understanding the significance of cyber security is crucial for protecting sensitive data and ensuring business continuity.

Read also: A former cop gets 20 months in prison for selling victims’ personal data, a BEC scammer sentenced, and more.

Phishing remains a top initial access vector for threat actors, according to researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by targeting humans directly. “The enduring dominance of phishing as an initial access technique underscores its effectiveness and persistence in the face of cybersecurity advancements and more sophisticated methodologies,” the researchers write.

Vulnerability management is absolutely critical to protecting an organization’s IT and cloud infrastructure, systems, or applications from incoming threats. The ability to remediate the most relevant vulnerabilities quickly is the only way to keep your perimeter safe. Yet, security teams struggle with managing vulnerabilities. Why? At the core lies a fundamental communication and collaboration problem.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Better get patching!

The SecOps Cloud Platform (SCP) helps managed security service providers (MSSPs) improve their response times in several ways. Here is an overview of the most significant use cases.

An X-Powered-By header is a type of HTTP response in the header field (most headers prefixed with an ‘X-‘ are non-standard) that informs the user which technology stack or framework is running on the web server. For example, if a web server is running Node.js, the header would be “X-Powered-By:Express”, which indicates an Express framework is being used.