Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Many countries across the globe are realizing the importance of the right to privacy in the digital era. The GDPR, the data privacy legislation for the European Union, came into force in 2018 and became the guiding star for an array of privacy laws. The Digital Personal Data Protection Act (DPDPA) by the Indian government is the latest privacy law aimed at protecting individuals’ privacy while ensuring hassle-free business operations.

Researchers at Truesec are tracking a phishing campaign that’s distributing the DarkGate Loader malware via external Microsoft Teams messages. “On August 29, in the timespan from 11:25 to 12:25 UTC, Microsoft Teams chat messages were sent from two external Office 365 accounts compromised prior to the campaign,” the researchers write.

If you want to visualize how data flows across your connected applications, you can think back to that childhood game of Chutes and Ladders (also called Snakes and Ladders). As a kid, the board felt like a confusing grid that had the weirdest, seemingly arbitrary connections between blocks. In your modern digital environment, your Application Programming Interfaces (APIs) fulfill the same role that the ladders and chutes/snakes fulfilled, connecting disparate blocks across a larger whole.

Today, I’m honored to share that CyberArk has been named a Leader in the “2023 Gartner® Magic Quadrant™ for Privileged Access Management.” This is the fifth time our company has been positioned as a Leader in this report.

Web cache poisoning is a cyber attack that wreaks havoc on unsuspecting websites. It exploits vulnerabilities by caching mechanisms that web servers, proxies, and content delivery networks (CDNs) use, compromising data integrity. Malicious actors can use cache poisoning to deliver malicious payloads, tamper with sensitive information, or redirect users to fraudulent websites. In this article, we’ll comprehensively explore web cache poisoning attacks and how they work.

Finding deeply hidden and unexpected vulnerabilities early in the development process is key. However, time to invest in proactive tests is limited. Prioritizing speed over security is common. Our new AI-assistant CI Spark closes this gap and enables both speed and security. CI Spark makes use of LLMs to automatically identify attack surfaces and to suggest test code. Tests generated by CI Spark work like a unit test that automatically generates thousands of test cases.

Organizations need to protect themselves from the risks of running their business over the internet and processing sensitive data in the cloud. The growth of SaaS applications, Shadow IT and work from anywhere have therefore driven a rapid adoption of cloud-delivered cybersecurity services. Gartner defined SSE as a collection of cloud-delivered security functions: SWG, CASB, DLP and ZTNA. SSE solutions help to move branch security to the cloud in a flexible, cost-effective and easy-to-manage way.