Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Imagine running a business that handles sensitive information, like financial data or health data. Now, think about what could happen if that data slipped out through a careless email, a file shared in the cloud, or a compromised account. This kind of data leak could result in hefty fines and a loss of customer trust. Data loss prevention products are critical from stopping this scenario from ever coming to pass.

Unfortunately, the cybersecurity industry has been in the crosshairs once again due to the global Microsoft outage caused by CrowdStrike’s disastrous software update on July 19th. Coincidentally, just five days following the CrowdStrike issue, the US District Court for the Southern District of New York dismissed a case involving another notable cybersecurity company, SolarWinds.

Threats to digital asset security are constantly evolving. That’s why having a robust disaster recovery (DR) plan is a necessity for institutions in this space. Ensuring business continuity and safeguarding against potential disruptions is paramount when it comes to maintaining trust, integrity, and the seamless operation of services. Counterparty risk continues to be a primary concern for institutional digital asset investors.

On the day that Splunk officially became part of Cisco, our leadership outlined key ways we’d come together to support customers to achieve business-critical outcomes, noting: In the short time since then, we’ve already made significant strides, demonstrated by our announcements of: As we continue to build on this momentum, we’re excited to announce the availability of Cisco Talos Incident Response services to Splunk customers.

Running tests against your security controls and other systems is a critical aspect of protecting your organization from a potential data breach and ensuring that you maintain compliance. Vanta’s platform has automated tests with continuous monitoring that run on an hourly basis against your controls as well as customized tests that you can adapt to your organization's needs.

Tectonic shifts are occurring across the cyber landscape, and organizations are increasingly turning to Microsoft as a cornerstone of their security strategy. At Trustwave, we have been at the forefront of this trend, partnering with Microsoft for years to deliver unparalleled security solutions and outcomes for our clients. Microsoft 365 E5 has become a compelling option for many organizations due to its robust suite of productivity tools and integrated security features.

CrowdStrike is aware of inaccurate reporting and false claims about the security of the Falcon sensor. This blog sets the record straight by providing customers with accurate technical information about the Falcon sensor and any claims regarding the Channel File 291 incident. CrowdStrike has provided a Technical Root Cause Analysis and executive summary that describes the bug in detail.

In the rapidly evolving cybersecurity landscape, alignment between business priorities, IT, and cybersecurity strategies is crucial for organizational resilience. However, the 2024 LevelBlue Executive Accelerator, based on the 2024 LevelBlue Futures Report, reveals a significant disconnect among technology-related C-suite executives—CIOs, CTOs, and CISOs. This disconnect highlights how their divergent roles and priorities can lead to misalignment with broader business objectives.

A report from Darktrace has found that 62% of phishing emails in the first half of 2024 were able to bypass DMARC verification checks in order to reach users’ inboxes. “Building on the insights from the 2023 End of Year Threat Report, an analysis of malicious emails detected by Darktrace / EMAIL in 2024 underscores the implication that email threats are increasingly capable of circumventing conventional email security tools,” the report says.

New analysis shows users can be convinced to copy and paste malicious code on behalf of the attacker. I first saw this kind of attack earlier this month – where the user is asked to launch the Run dialog box and paste in a malicious command. I never thought I'd see something similar again, but I was wrong.