In today's digital landscape, Application Programming Interfaces (APIs) play an important role in driving innovation. They allow teams to integrate new applications with existing systems, reuse code and deliver software more efficiently. But, APIs are also prime targets for hackers due to their public availability and the large amounts of web data they transmit. API vulnerabilities can lead to unauthorized access, data breaches, and various other forms of attacks.

A high-severity security flaw in Progress Software's MOVEit Transfer platform is being exploited in the wild just hours after its disclosure. This vulnerability, identified as CVE-2024-5806, allows attackers to bypass authentication mechanisms and pose as any valid user, thereby gaining access to sensitive files.

Sports teams know how to balance offense and defense, but does your cybersecurity strategy?

It's a great honor for KnowBe4 to be named the Cyber Security Educator of the Year at the prestigious IT Europa Channel Awards 2024. This award recognizes our continued commitment and innovative approach to building a strong security culture and empowering organizations to manage the ongoing problem of social engineering. This achievement is a testament to the hard work and passion of our team in building the world's most comprehensive security awareness training and simulated phishing platform.

In addition to Splunk’s recognition as a 10-time Leader in the 2024 Gartner Magic Quadrant for Security Information and Event Management (SIEM), we are extremely proud to announce that Splunk was ranked as the #1 SIEM solution in all three Use Cases in the 2024 Gartner Critical Capabilities for Security Information and Event Management report.

Many organizations have yet to invest in a PAM solution because they can be expensive and complex. While this is true for some legacy PAM solutions, these organizations fail to consider the benefits that modern PAM solutions provide.

We are thrilled to announce the first release of powerful updates to Egress Prevent Analytics within the Egress Security Center, designed to provide deeper insights, richer data, and enhanced functionality for all our customers.

For two decades or so now, web applications have been the backbone of many businesses, making their security paramount. Dynamic Application Security Testing (DAST) and penetration testing are crucial for identifying and mitigating security vulnerabilities in web application security. While both aim to enhance application security, they differ significantly in their approach, execution, and outcomes.

Netacea is proud to announce that one year on from originally completing SOC 2 Type 2 compliance, we have successfully passed our latest audit. This is an accolade we take pride in as it further demonstrates our ongoing commitment to data security and protecting our customers.

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers zero-day exploits advertised on a cybercriminal forum, a new AI threat taxonomy from Google DeepMind, and a newly identified side-channel attack method called SnailLoad.