Two positive steps were taken last month to limit the damage caused by phishing and Business Email Compromise (BEC) attacks when a joint action by UK and EU law enforcement agencies compromised the infrastructure of the phishing-as-a-service operation LabHost and a major BEC operator was convicted in US Federal Court. While law enforcement operations are integral to defeating cybercrime, disrupting one or two adversary groups does not minimize the threat.

Last week’s release of OpenAI’s GPT-4o, along with the story around Slack’s AI training policy, goes to show that AI innovation is happening at a rate where, for most companies, security simply can’t keep up.

The widespread adoption of external libraries and packages in the modern application development process introduces potential security risks that could impact the entire application. To address this, Software Composition Analysis (SCA) tools like npm-audit and OSV Scanner play an important role.

To respond to the increasing number of federal cybersecurity recommendations and regulations, cybersecurity leaders and their teams need to be confident in the transparency and resiliency of their security processes. The key is a strong and well documented risk management program. This is imperative for the compliance or incident audits that come with regulations.

Large Language Models (LLMs) have become indispensable tools across various sectors, reshaping how we interact with data and driving innovation in sensitive domains. Their profound impact extends to areas such as healthcare, finance, and legal frameworks, where the handling of sensitive information demands heightened security measures.

With our new connect flows you can create credentials with less friction. As you build, easily connect flows for 50+ products (with more being added all the time). We also added some neat ways to restrict credentials by URL path or send email action. Login and see →

The UK’s National Cyber Security Centre (NCSC) has issued guidance to help medium-sized organizations defend themselves against business email compromise (BEC) attacks, especially those targeting senior staff members. The NCSC says employees should be cautious about the type of personal information they post on the internet, since criminals can use this knowledge to make their attacks more convincing.

In Q1 2024, we saw an evolution in techniques used by attackers, some of which may point to longer term trends in the variation and sophistication of attacks faced by organizations. In particular, with regards to phishing, we saw SMS and voice-based tactics being used, which raises concern around the potential for deep fakes and AI-type technologies to further enhance the effectiveness of phishing attacks.

On May 21, 2024, Ivanti disclosed six critical-severity SQL Injection vulnerabilities affecting Ivanti Endpoint Manager, specifically versions 2022 SU5 and earlier. These six vulnerabilities, identified as CVE-2024-29822 through CVE-2024-29827, each carry a Common Vulnerability Scoring System (CVSS) score of 9.6. They allow unauthenticated attackers within the same network to execute arbitrary code on the Core server. This disclosure was made simultaneously with the release of a security hot patch.

Ongoing social engineering campaign targets enterprises, hackers expand DNS tunneling, and a malvertising campaign leads to ransomware.