Mike Tyson famously said, “Everybody has a plan until they get punched in the mouth.” After falling victim to a cyberattack, it is crucial for organizations to respond promptly and effectively to minimize damage, recover operations, and prevent future incidents. One of the most critical elements of responding to an incident is the recovery and restoration of affected systems so that business as usual can be restored as quickly and safely as possible.

TargetCompany’s Linux variant threatens ESXi environments with new methods, LilacSquid targets multiple sectors, and DarkGate malware switches from Autolt to AutoHotkey.

It’s been an exciting year for Splunk Enterprise Security! In May, we celebrated being recognized as a Leader ten times in a row in the 2024 Gartner Magic Quadrant for SIEM. We’re not stopping there. We’re excited to introduce the SIEM of the Future to keep the momentum going. Splunk Enterprise Security 8.0 is available now in a private preview.

I am excited to see Apple’s recent expansion of identity support in Apple Business Manager, their device and app lifecycle management tool for the enterprise. Simply put, it enables wider adoption of Managed Apple IDs by allowing organizations to use corporate email addresses as corporate Apple IDs, and integrate with a broader range of identity providers (IdPs) beyond Google Workspace and Microsoft Entra ID.

In today's digital landscape, organizations face constantly evolving threats, and modern applications are built on APIs, making robust API security a top priority. Salt Security, a trailblazer in AI-powered API security, is at the forefront of addressing this challenge with our innovative platform. The recent introduction of advanced LLM-driven attacker insights further solidifies Salt's position as a leader in API security solutions.

Patchstack has recently identified multiple security vulnerabilities in the WooCommerce Amazon Affiliates (WZone) plugin. Created by AA-Team, this widely-used premium WordPress plugin has garnered significant popularity, amassing over 35,000 sales. It serves as a crucial asset for website owners and bloggers aiming to monetize their sites through the Amazon affiliate program.

Monitoring user activity is crucial for maintaining a secure IT environment and complying with cybersecurity regulations. Ekran System is a comprehensive human-focused insider risk management platform for monitoring and managing user sessions. The platform lets you view user sessions to analyze employee and third party activity, meet compliance requirements, and protect your data and critical systems from insider threats.

Maintaining an active social media presence can be a great way to improve brand visibility and generate leads, but it also opens the door to cybersecurity risks — from phishing scams and malware to identify theft and data breaches. If employees accidentally post confidential information or click dodgy links via corporate accounts, cybercriminals can launch malicious attacks that can cause lasting damage to your business (67% of data breaches result from human error).

A significant surge in exploitation attempts targeting a newly disclosed information disclosure flaw in Check Point's VPN technology has been observed recently. This has underscored the urgent need for organizations to address the vulnerability immediately.

Sedara attended Buffalo’s very own BSides conference in early June. BSides are cybersecurity conferences held across the world, often planned and hosted by grassroots organizers. They’re a great way to learn about the latest trends in the industry and network with both established and aspiring professionals. Several of our team members attended this year’s conference, and here are their takeaways.