
Train Your Own Classifier (TYOC) for Image Data Protection

Machine learning-based data loss prevention (DLP) file classifiers provide a fast and effective way to identify sensitive data in real time, empowering organizations with granular, real-time DLP policy controls. Netskope Advanced DLP offers a wide range of predefined file classifiers, such as passports, driver’s licenses, checks, payment cards, screenshots, source code, tax forms, and business agreements.

Synchronized Swimming: The Relationship Between Privacy and Cybersecurity Teams

Data theft, data protection and the leakage of passwords or secrets are the top two cloud security concerns for 2,400 cybersecurity experts, according to the recently released CyberArk 2024 Identity Security Threat Landscape Report. In an ever-brewing digital ecosystem of multi-cloud environments, countless on-prem and SaaS applications, and third-party and fourth-party providers, 94% of organizations report having faced at least one identity-related breach in the last 12 months.

Escape SIEM Lock-In: Unleash a Multi-SIEM Strategy with Hyperautomation

If you are a cybersecurity professional, it’s hard to ignore the recent shift in the SIEM landscape unless you’ve been living under a rock… or more likely, under the crushing weight of terabytes worth of disconnected SIEM logs. Let’s catch everyone up to speed anyway.

Rise of AI in Email Threats: What 2024's Actors are Deploying

The Evolution of Email Threats: Email has long been a favored vector for cyber attacks. From the early days of simple phishing scams to the more advanced spear-phishing campaigns, email threats have consistently evolved. However, the integration of AI has brought about a paradigm shift in both the complexity and frequency of these attacks. AI-Powered Phishing: Phishing attacks have traditionally relied on mass-distribution strategies, hoping to catch a small percentage of victims.

CVE-2024-24919 - Check Point Quantum Gateway

CVE-2024-24919 is a critical security vulnerability identified in Check Point Quantum Security Gateway, a widely used network security appliance. This vulnerability allows attackers to exploit the gateway, leading to the exposure of sensitive information. As a zero-day exploit, it presents significant risks to organizations relying on Check Point for their network security.

AI Threat Scenario, GuLoader, DarkGate, MirrorBlast, Kutaki Stealer and More - Hacker's Playbook Threat Coverage Round-up: May 2024

In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting attack coverage for newly discovered or analyzed threats, including a newly created scenario that leverages AI-generated malware. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook to ensure coverage against these advanced threats. Additional details about the threats and our coverage can be seen below.

Fraud Alert vs Credit Freeze: Which One Should I Use?

Both fraud alerts and credit freezes are free of charge, but there are some differences between the two you should be aware of if you’re deciding on placing one over the other. Both fraud alerts and credit freezes are meant to protect you from identity theft and fraud; however, fraud alerts add an extra layer of verification and only last a year, whereas credit freezes prevent new credit from being opened and don’t expire.

New CIP standards: Why utilities shouldn't wait to deploy

On May 9, the North American Electric Reliability Corporation (NERC) officially adopted new Critical Infrastructure Protection (CIP) requirements for Internal Network Security Monitoring (INSM). This is one of the last steps before Federal regulators make it an official standard for utilities and the electrical power grid industry. What does it mean? Compliance for CIP-015-1 is coming to your utility. Utilities will need monitoring tools with deep and wide asset intelligence and network control.

What's going on? The power of normalization in Cloud SIEM

Many of us in the information security sphere have sat in front of a console and furiously executed various queries while either mumbling internally or externally, with varying levels of stress and frustration: what is going on? When investigating a particular system, an odd event, or a declared incident, we are all attempting to answer this question in one way or another. Detections, documented threat hunts and security operations procedures do not manifest out of thin air.