Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Following our post “A Brief History of Game Cheating,” it’s safe to say that cheats, no matter how lucrative or premium they might look, always carry a degree of danger. Today’s story revolves around the developer of the popular EvolvedAim, a cheat for Escape From Tarkov. He sold his tool with an information stealer bundled with it, double-dipping and causing damage to his clients and to the game itself.

Over the short span of video game cheating, both cheaters and game developers have evolved in many ways; this includes everything from modification of important game variables (like health) by using tools like Cheat Engine. In addition, game botting impacts both game and real-life economies. However, using modern-day anti-cheat methods is also not without danger, as modern protection tools run on the kernel level and can be abused for malicious impact on the system.

Cybersecurity key performance indicators (KPIs) measure the efficacy of an organization’s cybersecurity program. In a rapidly changing threat landscape characterized by new identities, environments and attack methods, many potential KPIs exist to track. Measuring too many things can be distracting or misleading, while not measuring enough can create gaps in understanding and protection.

Okay, so you’re a security leader at your enterprise – congratulations! It’s a big, challenging role, as you know too well. You or a colleague are likely responsible for securing the cloud and legacy apps that drive critical revenue and customer engagement for your organization. But it’s not just the apps you need to secure.

In this episode of the Trust Issues podcast, we explore the transformative impact of artificial intelligence (AI) on identity security. Guest Peretz Regev, CyberArk’s Chief Product Officer, joins host David Puner, for a discussion about how AI is reshaping cyber protection, offering solutions that are as intelligent as they are intuitive. With the ability to predict threats and adapt with unprecedented agility, AI is ushering in a new era of proactive security.

Watching the recent Snowflake customer attacks unfold felt a bit like rewatching a horror movie with predictable attack sequences and missed opportunities to run to safety. But this time, the ending was far more devasting. More than 100 organizations were exposed, and many are now grappling with the impacts of data theft and extortion in what some are calling one of the largest breaches in history.

During a recent customer engagement, the CyberArk Red Team discovered and exploited an Elevation of Privilege (EoP) vulnerability (CVE-2024-39708) in Delinea Privilege Manager (formerly Thycotic Privilege Manager). This vulnerability allowed an unprivileged user to execute arbitrary code as SYSTEM. CyberArk responsibly disclosed this vulnerability to Delinea, including the exploit proof of concept (POC) code, as part of our commitment to contributing to the security community.

Privileged access management (PAM) programs aim to secure the highest-risk access in an organization, including using privileged credentials like passwords, SSH keys and application secrets. So, how can PAM and identity security teams prepare for a passwordless future? The answer lies in a deeper examination of what ‘passwordless’ really means and how PAM programs are modernizing to protect new identities and environments.