In our digitized world, online banking has become an integral part of managing your finances, offering unparalleled convenience. However, with this convenience comes an increasing need for robust cybersecurity measures. As you embrace the ease of handling your financial affairs online, understanding the importance of cybersecurity becomes paramount.

We hear time and time again that humans are the biggest vulnerability in cybersecurity. For instance, the 2023 Verizon Data Breach Investigations Report (DBIR) states that 74% of data breaches investigated were caused by human error, such as social engineering attacks, flaws or misuse of systems.

Some of you may remember when phones were primarily used for making phone calls. In today’s rapidly evolving digital landscape, our smartphones and tablets have transformed into multifunctional devices, serving as mini-computers, high-resolution cameras, and indispensable companions in our daily lives. They seamlessly keep us connected to the world, offering endless avenues for communication and entertainment.

Many of the breaches of the past ten years have taken advantage of weak or nonexistent security settings. Conversely, for example, companies that configured their Docker application to the CIS recommended security settings for container users and privileges were not as vulnerable to container escape exploits. Arguably, a configuration change prevented many breaches. Security configuration management can make a huge difference in reducing an organization’s vulnerability.

A huge reward is being offered for information leading to the identification or location of any of the leaders of the LockBit ransomware gang. The bounty offer comes from the US State Department, following this week's disruption of the criminal organisation's activities. LockBit, which has been operating since 2020, has targeted thousands of victims around the globe, causing the loss of billions of dollars in both ransom payments and recovery.

Did you know that GitHub Copilot may suggest insecure code if your existing codebase contains security issues? On the other hand, if your codebase is already highly secure, Copilot is less likely to generate code with security issues. AI coding assistants can suggest insecure code due to their limited understanding of your specific codebase. They imitate learned patterns or utilize available context without providing judgment.

Read also: Zeus kingpin pleads guilty, the Medibank hacker arrested, and more.

We’re excited to share that Vanta now integrates with NinjaOne, a leading IT platform for endpoint management, security, and visibility. ‍ This integration offers a comprehensive solution for businesses striving to maintain high-security standards while ensuring compliance with regulations. ‍

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A rather cunning and slippery (see what I did there?) shell script to watch out for…