Modern SecOps teams use Security Information and Event Management (SIEM) software to aggregate security logs, detect anomalies, hunt for threats, and enable rapid incident response. While SIEMs enable accurate, near real-time detection of threats, today's SIEM solutions were never designed to handle the volume of security data organizations generate daily. As daily log ingestion grows, so do the costs of data management.

In cybersecurity, session sniffing—an attack method where attackers receive and use session data—is a recurring danger. The impacts of session sniffing are evident from numerous high-profile assaults. Let’s discuss some of these important cases that highlight the significance of strong security procedures.

In the ever-expanding world of cloud computing, one thing has become glaringly clear: identities are no longer just user profiles—they are the keys to the kingdom. As businesses race to harness the power of the cloud, they must also confront a growing menace: the risk posed by poorly managed identities. Imagine leaving your front door unlocked in a neighborhood known for break-ins — that’s what weak identity management is like in the cloud.

Read also: A money launderer for the Lazarus hackers arrested in Argentina, US offers $2.5M for the Angler hacker, and more.

Organizations whose IT infrastructure relies heavily on Microsoft will often adopt Azure Functions as part of their cloud modernization strategy. Azure Functions is an on-demand serverless solution that enables you to build and deploy event-driven code without worrying about provisioning and managing infrastructure. Azure Functions offers simplified development and deployment, automatic scaling, and seamless integration with other Azure services all within a cost-efficient pay-for-what-you-use model.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Oh boy, what a trove for scammers. Really hope plugged before used…

A Rubrik Zero Labs report found that 66% of IT and security leaders report that data growth outpaces their ability to secure data and mitigate risk. Adversaries are noticing, increasing the sophistication of cyberattacks, and leveraging gaps in coverage to target critical data for destruction, theft, or extortion. As the volume of data continues to grow and exacerbate visibility challenges, organizations must find ways to manage and protect their constantly expanding data.

After speaking to a wide spectrum of customers ranging from SMBs to enterprises, three things have become clear: Add that together, and we get Shadow AI. This refers to AI usage that is not known or visible to an organization’s IT and security teams. Shadow AI comes in many forms, but in this blog we’ll stick to a discussion of Shadow AI as it pertains to applications. Application security teams are well aware that AI models come with additional risk.

Our teams are always hard at work improving the TrustCloud platform. Here are this month’s biggest updates. Introducing our ServiceNow integration! This is a bidirectional integration with ServiceNow to pull ticket details into TrustCloud. Teams can create new ServiceNow tasks in TrustCloud and attach ServiceNow links as evidence to your tests. The integration also supports automatic task creation from TrustCloud. Just go to Admin -> Connected Apps, where you can automate task creation.

Latrodectus is a downloader first discovered by Walmart back in October of 2023. The malware became very famous due to its similarities with the famous IcedID malware, not only in the code itself but also the infrastructure, as previously reported by Proofpoint and Team Cymru S2. The malware is usually delivered via email spam campaigns conducted by two specific threat actors: TA577 and TA578.