Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Read also: Microsoft fixes a Windows zero-day, security researchers detail a way to bypass popular web application firewalls, and more.

Banks still struggle to properly integrate clients even though the majority of financial institutions (FIs) have explicit digital-first initiatives to automate & optimise their backend operations. The majority of corporate clients need an easy-to-use onboarding process with little human involvement and foolproof verification, but due to strict compliance requirements and a high demand for customization, this is a challenging challenge.

Compliance is a fundamental baseline for many organizations but doesn’t guarantee security. While there is some overlap, today’s security leaders must recognize the need to go beyond what compliance frameworks call for to achieve an extra layer of protection and peace of mind against potentially devastating breaches. Compliance may set the foundation, but it should never be viewed as providing total protection or proof of a robust security posture.

Resilient cybersecurity posture can only be achieved with a full understanding of your internal and external attack surface. CrowdStrike Falcon® Surface builds on our award-winning adversary intelligence with cutting-edge external attack surface management (EASM) capabilities for a complete picture of known and unknown externally exposed assets, all delivered via the unified CrowdStrike Falcon® platform.

On Tuesday, December 13, a joint announcement from the United States NSA and Citrix announced a zero-day vulnerability in Citrix ADC. The vulnerability (CVE-2022-27518) is a critical unauthenticated Remote Code Execution (RCE) issue currently rated as CVSS 9.8. Patches are already available from Citrix. The NSA attributes the zero-day to APT5, a Chinese hacking collective. There is currently no guidance for how widespread the campaign has been or how long it's been ongoing.

Meta has two of the largest social media platforms today, Facebook and Instagram. These platforms became the modern gateway for people not just to socialize and eavesdrop on the lives of famous personalities, but more importantly, to stay connected with their friends and loved ones. The sites also became effective channels for organizations to advertise and disseminate information.

In a key bulletin published in August 2022, Tony Chaudhry, the Underwriting Director of Lloyds, addressed the risk posed by cyber security threats to the insurance industry, stating that “losses have the potential to greatly exceed what the insurance market is able to absorb”.

In order to enable and sustain an effective and secure hybrid work environment, enterprises need security that can deliver protection anywhere, stop modern threats, ensure compliance, and maintain consistent policies across both on-premise and remote locations.