When it comes to managing your cloud infrastructure, picking the right platform can make a big difference in how smooth, scalable, and cost-effective your operations are. Two of the top contenders in this space are OpenStack and VMware. Both offer powerful tools for handling virtualized environments, but they suit different needs and preferences. Knowing the key differences between them is essential to help you make the best choice for your organization’s goals and technical needs.

It has been only one year and nine months since OpenAI made ChatGPT available to the public, and it has already had a massive impact on our lives. While AI will undoubtedly reshape our world, the exact nature of this revolution is still unfolding. With little to no experience, security administrators can use ChatGPT to rapidly create Powershell scripts. Tools like Grammarly or Jarvis can turn average writers into confident editors.

Shared Responsibility Models, NIS2, DORA, or SOC 2 & ISO audits, accidental deletions, and the evolving threat landscape in SaaS apps confirms that DevOps Security becomes a priority. CISOs and DevOps teams need to meet halfway to secure data processed across GitHub, GitLab, and Atlassian, without compromising agility and efficiency. However, finding this middle ground is not an easy task.

Windows Installers (.msi files) are a known vector of malware distribution. Although not quite common, they have been used by threat actors to distribute malware of all sorts. During July 2024, the Cyberint Research Team noticed somewhat of an uptick in the usage of malicious.msi files. Among the various samples we noticed a specific variant of malicious installer being actively used in the wild, disguised as legitimate applications or update installers and targeting Korean and Chinese speakers.

Imagine you have a backpack with a granola bar buried at the bottom and a tenacious tiny dog who loves snacks. Even though the dog shouldn’t be able to reach that granola bar stored away carefully, it managed to open a zipper and snoop through the contents to eat the snack. From an IT environment standpoint, Application Programming Interfaces (APIs) are the backpack carrying sensitive – but appealing to attackers – data.

Elizabeth Harz, CEO of Veriato, sits down with Chris Hughes from Acceleration Economy for an exclusive interview to discuss the evolving landscape of insider risk management.

As the threat landscape continues to develop, ransomware and data brokerage groups constantly emerge, develop, and disband. Cyjax observed a relatively high level of data-leak site (DLS) emergence in July 2024, with a total of nine new sites. For reference, the highest observed number of ransomware groups that have emerged in a single month is ten (September 2022).

When it comes to the duration of a ransomware attack and the subsequent recovery process, the numbers are staggering and vary wildly. Partly because there’s no single source which compiles all the information in a consistent manner. On average, a cyber attack can last anywhere from a few days to several weeks, with the recovery time often extending to months or even years.

In a security bulletin on February 19, ConnectWise announced critical vulnerabilities (CVE-2024-1708 & CVE-2024-1709) to its on-premises ScreenConnect product (identified and responsibly reported by one of Kroll’s SOC analysts), allowing attackers to takeover an organization’s ScreenConnect. The vulnerability, trivial to exploit, allows anonymous individuals to a create system admin account on publicly exposed instances of the product.

As modern cyberattacks increasingly target cloud environments, it is imperative organizations have the technology they need to detect and stop them. The attack surface of cloud-native applications and infrastructure is quickly expanding. Cloud-native application protection platforms (CNAPPs) address the growing need for modern cloud security monitoring, security posture management, breach prevention and control tools to fully protect cloud environments.