Advanced Persistent Threats or APT are a growing concern in the business world. Hackers are constantly improving their tactics and adopting new vulnerabilities. Organizations are scrambling with the increasing sophistication of attacks and are ready to invest in cybersecurity solutions in the hopes of early Advanced Persistent Threat detection and mitigation. However, before choosing a solution, it is important to understand the meaning and nature of APT.

‍Managing risk is a part of life, whether it's in the personal, private, public, or professional spheres, but often, these various areas of vulnerability are addressed in isolation. In the corporate world, too, the various components of business risk were once tackled as mutually exclusive, with each departmental leader focusing on their sole area of expertise.

The Sysdig Windows agent is a game-changer for cloud infrastructure, particularly when it comes to securing Windows containers in Kubernetes environments. While many endpoint protection agents are designed to provide security for traditional Windows hosts, Sysdig goes a step further by incorporating Kubernetes-specific context into its system introspection.

As organizations embrace social media for networking, marketing, and recruiting, platforms like Facebook, Instagram, LinkedIn, and X (formerly Twitter) have become integral to business operations. While social networking sites offer numerous benefits for productivity, collaboration, and engagement, they also introduce significant security challenges, particularly concerning the handling and potential exposure of sensitive data.

A Software Bill of Materials (SBOM) is essentially an inventory of the components used to build a software artifact, such as an application. While the concept of tracking an application’s components is not new, its importance has grown in recent years due to the rising threat of software supply chain attacks. One significant example is the SolarWinds attack, which highlighted how threat actors are increasingly targeting vulnerabilities in software components during the delivery process.

On October 9, 2024, GitLab released patches for a critical vulnerability affecting various versions of GitLab EE, identified as CVE-2024-9164. This flaw allows a remote attacker to run pipelines on arbitrary branches within a repository, which could potentially lead to code execution. A GitLab pipeline consists of a series of automated processes that execute in stages to build, test, and deploy code.

Early last month, Netskope announced a few key security innovations across the Netskope One platform and some of my colleagues kicked off the conversation about Netskope Risk Exchange in a previous blog, Evolving the Netskope Risk Exchange Ecosystem. This blog series will continue to explore a number of different workflows that those comfortable using basic scripting, or enablement tools like Postman, can employ to programmatically update and inform your inline policy actions.

As cyberattacks are becoming more sophisticated, traditional security measures such as firewalls and intrusion detection systems (IDS) are no longer sufficient. That’s why Network Detection and Response (NDR) is brought into the picture, to provide better and advanced solutions. It comes with real-time detection, automated responses, and advanced analysis. This blog focuses on the protective defense capabilities of NDR in cyber security.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! A bit ouch I would say. Bad luck…

NTLM has three versions - NTLMv1, NTLMv2 and NTLMv2 Session Security. NTLMv2 is supposed to offer better security than its previous version, and to some extent it does provides better defense against relay and brute force attacks, but does not completely block them. NTLMv2 Session Security is a session security protocol that can be used in conjunction with NTLMv1 or NTLMv2 to provide additional security.