Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

I’m not big on acronyms or buzzwords. Like many executives, my eyes glaze over when I’m being prospected with an alphabet soup of technology terms I supposedly “need” to care about. So why, then, does the title of this article include Security Service Edge (SSE), Secure Access Service Edge (SASE), and Zero Trust? Despite our justified disdain for acronyms, the ideas behind these terms hold genuine importance for business leaders.

2022 saw several significant and historical cases in the ransomware industry, new players were introduced and some already have caused major damage to top-of-the-line organizations around the world. Although LAPSUS$ commenced its operations in December 2021, they have made its greatest impact in 2022, compromising major organizations such as NVIDIA, Vodafone, Samsung Microsoft, LG and Okta.

Trustwave is actively tracking the threat of Lapsus$ for our clients. We encourage all organizations, especially those part of the digital supply chain, to remain vigilant and ensure that cyber best practices are implemented. We are actively investigating all unusual login behaviors for clients that use Okta. For more information on the Okta incident, please visit their blog. Trustwave does not use Okta. Actionable security recommendations for organizations can be found below.

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to avert potential software supply chain security threats, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. Two days ago, several of our automated analyzers started alerting on a set of packages in the npm Registry.

Rubrik CDM is scale-out and fault-tolerant. Our software runs as a clustered system consisting of multiple nodes, where each node runs an identical copy of our software stack; each node is equally able to perform operations like data protection and recovery. To increase capacity a user simply adds more nodes. The system continues to operate when a node fails, other nodes pick up the workload while the node is offline. Scale-out, fault-tolerant products are built on distributed systems.

As any company that specializes in live entertainment knows, you're only as good as your last success. In fact, most entertainment venues are well aware that the difference between good and bad press attention often comes down to something as simple as whether a single bulb lights up at the right second.

We’re excited to announce that Nightfall is partnering with Virtru, a renowned leader in email and SaaS encryption, to provide customers with an encryption solution for securing PHI in Gmail and Google Drive. Combined with our existing Google Drive data loss prevention (DLP) integration, this new solution will provide fully integrated compliance and security coverage for Google Workspace.

Cybersecurity is more important today than ever before, with virtual threats surging to historic highs. Organizations in every industry need to take steps to protect themselves from cybercrime. A few sectors, in particular, should be especially concerned about safety. These industries are at the highest risk of being targeted by cyberattacks, with damages that can cost billions of dollars.

Having conducted more than 3,200 incident response engagements in 2021, Kroll’s Threat Intelligence team now tracks more than 200 ransomware threat actor groups. Kroll’s global Incident Response teams are very familiar with actions traditionally associated with a network intrusion, from initial access to lateral movement to privilege escalation to data exfiltration—and in the case of financially motivated actors, ransomware deployment.

Last December, ThreatQuotient announced it had achieved SOC 2 Type II compliance for the ThreatQ Platform. The milestone is significant because it demonstrates third-party validation that ThreatQuotient continues to meet and exceed industry security standards, previously verified by Type I.