Ransomware risk is top of mind for citizens and CISOs alike. From the board room to the room known as the ‘SOC’, everyone is feeling the pain of disruption. Being locked out of a system and forced back to pen and paper is shocking to our working lives. Too often, it is delaying a much-needed surgery or forcing manual intervention where a digital avenue was easy and efficient. But the effects of ransomware don’t appear to be going anywhere soon.

At Rubrik, we take software security extremely seriously. That's why we're proud to announce that Rubrik has adopted the Cybersecurity and Infrastructure Security Agency’s (CISA) Secure by Design Pledge. This voluntary pledge focuses on enterprise software products and services, and by taking it, we're committing to make a good-faith effort to work towards seven key goals over the next year to further enhance the security of our offerings.

We are thrilled to announce that KnowBe4 has been named a leader in the latest G2 Grid Report that compares security awareness training (SAT) vendors based on user reviews, customer satisfaction, popularity and market presence. Have you ever wanted to peek behind the curtain of Security Awareness Training (SAT) platforms and see which one truly stands out? Well, you don't need to wonder anymore.

APIs are essential for modern applications as they enable seamless communication and data exchange, serving as the foundation of these applications. However, their interconnected nature makes them vulnerable to various threats. The high volume of API calls - ranging from millions to billions every month - poses a challenge in distinguishing between genuine attacks and harmless irregularities.

APIs were already ubiquitous in driving modern applications. However, the pandemic has further accelerated growth in innovation and expansion of digital services, making APIs even more widespread. In today’s world, rapid innovation would not be possible without secure APIs. Attacks on APIs are increasing exponentially. Gartner suggests API abuses are the most significant attack vector since 2022. Hence securing APIs is more critical than ever in the past.

Welcome, fellow developers! In this blog post, we are going to delve deep into the world of application security, specifically focusing on a vulnerability that can deteriorate FastAPI security: Denial of service (DoS) caused by insecure regular expressions (regex).

For small and medium-sized enterprises (SMEs), staying abreast of cybersecurity developments is critical — not just to growth, but to the company’s bottom line. But security evolves quickly, and it can be hard to keep up. In the midst of this fast-evolving security environment, AI has made a bold entrance. So bold, in fact, that only 10% of SMEs aren’t using AI and don’t plan to, according to a recent JumpCloud research report.

Drawing on extensive proprietary research, Trustwave SpiderLabs believes the threat actors behind the Facebook malvertising infostealer SYS01 are the same group that developed the previously reported Rilide malware. Facebook Malvertising Epidemic – Unraveling a Persistent Threat: SYS01 – Part 2 lays out evidence tying the latest Rilide (V4) version to SYS01. The report noted the code from the two malware types overlaps in too many areas to be a simple coincidence.

The cybersecurity landscape is rapidly evolving, and nowhere is this more evident than in the Security Information and Event Management (SIEM) market. This period of transformation, marked by strategic mergers and high-stakes buyouts, signals not only a race for market dominance, but also the potential for profound changes in how cybersecurity solutions will operate in the future.

SenseOn was called in to assist a pre-deployment customer with an alert by another security product, related to anomalous network behaviour. At the time of the incident, the customer had not yet deployed the SenseOn Universal Sensor to their estate.