Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting attack coverage for several new threats. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook to ensure coverage against these advanced threats.

People have always been susceptible to a deal that is too good to be true. In the 1800s, American con man George C. Parker was best known for his repeated successes in "selling the Brooklyn Bridge” to the unwary. Then, in the 1900s it became popular to sell "valuable" Florida real estate that turned out to be swampland.

“Aren’t you a little short for a Stormtrooper?” In this iconic Star Wars moment, Princess Leia lazily responds to Luke Skywalker, disguised as one of her Stormtrooper captors and using authentication information to open her cell. In other words, Star Wars acts as an analogy for a cross-site request forgery (CSRF) attack. In a CSRF attack, malicious actors use social engineering so that end-users will give them a way to “hide” in their authenticated session.

Cyber supply chain risk management (C-SCRM) is the process of identifying, assessing, and mitigating cybersecurity risks associated with an organization’s supply chain. Supply chains comprise multiple attack vectors, ranging from procurement tools to suppliers, developers, and third-party services. The complexity of this attack surface warrants a risk management strategy focused on supply chain risks as an extension to an existing third-party risk management program.

It’s almost time for KubeCon North America, and we’re excited to share the latest updates in Calico. These updates improve network and runtime security, make it easier to use, and extend Calico’s strong network security and observability for Kubernetes to VMs and hosts that are not part of Kubernetes clusters.

On October 31st, 2024, another package compromise and cryptocurrency hijack story unfolded for a popular npm package.

Passwords are required to do practically everything, from watching TV and accessing your phone to making a doctor’s appointment and paying your electric bill. Without a password manager, it’s virtually impossible to remember all of your passwords, particularly if you’re using strong and unique ones for each account.

Beware! Remote work and the variety of collaboration tools are making it easier than ever to access and share data, leaving sensitive information at risk from data vampires. Today, we share an old dark tale for you, but just as in Grimm’s fairy tales, the lessons are still frightfully relevant.

Telegram, with over 700 million users globally, is widely known for its privacy features, but its lack of strict moderation has made it a favored platform for cyber criminals. Over recent years, the platform has been linked to illegal activities, including drug and weapons trafficking, child exploitation, and cyber crime operations like phishing, malware distribution, and stolen data trading.

At.conf24 we unveiled the private preview of Splunk Enterprise Security 8.0, and the buzz was undeniable. Today, we are thrilled to announce that Splunk Enterprise Security 8.0 is now generally available! This isn’t just another release—it’s a massive leap forward that redefines and revolutionizes security operations. Splunk Enterprise Security 8.0 is the cornerstone of the SOC of the Future.