Cybersecurity in 2024 has seen a shift toward open, collaborative intelligence sharing across industries. This shift is promising but not yet complete; significant gaps remain in intelligence sharing, especially following cyber incidents. Victim organizations are often hesitant to share attack details due to fears of reputational damage and stigmatization.

Netskope Threat Labs publishes a quarterly summary blog post of the top threats we track on the Netskope platform. This post aims to provide strategic, actionable intelligence on active threats against enterprise users worldwide.

From power grids and water systems to transport networks and healthcare facilities, critical infrastructure has become a key target for cyber attacks in recent years, such as US utilities suffering a 70% year-on-year increase in cyber attacks this year. The reason for targeting critical infrastructure is clear: they often use outdated software and the attacks have an outsized disruptive impact.

Securing data today requires the context provided by data lineage: where data came from, who interacted with it over time, which systems have used it, and more. But buyer beware: many vendors now claim to offer “data lineage” that only provides a tiny fraction of the context of true, global data lineage.

In cybersecurity, transparency matters—because none of us are immune. Increasingly, we’re seeing threat actors hone in on specific organizations. When we detected the recent “Contagious Interview” campaign targeting one of our own, our team acted fast to stop it in its tracks. We’re sharing this story so others can see how easily these attacks unfold—and how quickly they need to be stopped to protect the community.

New age verification laws are popping up around the world. Learn what these laws are and how to stay compliant. Kerwell is a product marketing manager focused on Persona’s identity verification solutions. He enjoys watching basketball and exploring the world with his German Shepherd. Kerwell is a product marketing manager focused on Persona’s identity verification solutions. He enjoys watching basketball and exploring the world with his German Shepherd.

The Cyberint Europe Threat Landscape 2024-2025 report sheds light on the increasingly complex and evolving cyber threat environment affecting organizations across Europe and the UK. Leveraging data from Cyberint—which monitors threats like phishing, malware, and supply chain vulnerabilities—the report highlights a surge in malicious activities driven by global conflicts, technological shifts, and the growing use of generative AI in cybercrime.

As the holiday shopping season approaches, the 2024 Trustwave Risk Radar Report: Retail Sector reveals that cybercriminals have sharpened their tactics, utilizing ransomware and phishing attacks that exploit well-known online brands to target retailers and consumers directly. These skills will likely be employed to infiltrate various retail organizations throughout the year.

Continuous vulnerability management is not just a best practice—it's a necessity. With so many open-source dependencies to choose from (almost 3 million on the npm registry!), it’s no wonder supply chain security incidents are the focus of malicious actors. Let’s not forget the rise of ChatGPT, LLM chatbots, and AI-assisted code generation.

With an average of more than 5 data breaches globally a day, it’s clear companies need a way to prevent data loss. This is where a data loss prevention policy comes into play. A data loss prevention policy serves as a crucial safeguard against unauthorized access, data breaches, and compliance violations. This comprehensive framework outlines strategies and procedures to identify, monitor, and protect valuable data assets across an organization’s network, endpoints, and cloud environments.