Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

NIST has long been an important acronym in the world of cybersecurity, where organizations have for years used the NIST Cybersecurity Framework to help guide their security investments. But the practices and controls associated with NIST have evolved recently, due to the release of NIST 2.0. If you’re stuck in the era of NIST 1.x, it’s time to adapt.

Windows Installers (.msi files) are a known vector of malware distribution. Although not quite common, they have been used by threat actors to distribute malware of all sorts. During July 2024, the Cyberint Research Team noticed somewhat of an uptick in the usage of malicious.msi files. Among the various samples we noticed a specific variant of malicious installer being actively used in the wild, disguised as legitimate applications or update installers and targeting Korean and Chinese speakers.

When it comes to managing your cloud infrastructure, picking the right platform can make a big difference in how smooth, scalable, and cost-effective your operations are. Two of the top contenders in this space are OpenStack and VMware. Both offer powerful tools for handling virtualized environments, but they suit different needs and preferences. Knowing the key differences between them is essential to help you make the best choice for your organization’s goals and technical needs.

Is there one cybersecurity tool to rule them all? For most companies, the answer is probably yes. A cybersecurity platform combines multiple security capabilities — endpoint security, threat response, event logging, and more—into a single system. There are Swiss Army knife cybersecurity platforms that perform a range of tasks, like extended detection and response (XDR), and platforms with more niche functions.

Endpoints are a continuous target for threat actors. They serve as gateways to the overall network, meaning an attack that starts on a single endpoint can quickly spread across the attack surface. They offer a valuable entry point into an organization’s environment that can be used to launch sophisticated cyber attacks.

Attention: a new Kubernetes vulnerability was uncovered by André Storfjord Kristiansen (@dev-bio on GitHub) and it demands immediate attention from security professionals and DevOps teams. CVE-2024-7646, affecting the popular ingress-nginx controller, allows malicious actors to bypass annotation validation and potentially gain unauthorized access to sensitive cluster resources. This vulnerability has been assigned a CVSS v3.1 base score of 8.8 (High).

The field of AI has been around for decades, but its current surge is rewriting the rules at an accelerated rate. Fuelled by increased computational power and data availability, this AI boom brings with it both opportunities and challenges. AI tools fuel innovation and growth by enabling businesses to analyse data, improve customer experiences, automate processes, and innovate products – at speed. However, as AI becomes more and more commonplace, concerns about misinformation and misuse arise.

External cybersecurity threats are a well-known problem, but organizations should also be aware of managerial insider threats. These threats originate from individuals with privileged access and authority and can cause devastating damage to an organization’s data, reputation, and bottom line. In this guide, we’ll examine managerial insider threats and offer insights and strategies you can use to detect, prevent, and mitigate these risks.

Veracode is pleased to announce the general availability of our new Azure DevOps Workflow integration. This new integration provides our customers using Azure DevOps Services with easy-to-configure, event-driven security testing of their application and infrastructure code managed in their Azure DevOps Repos.