Mary had a long career in the UK government, working in senior roles in a range of agencies across counter terrorism, national security and law enforcement, including the Independent Police Complaints Commission and the Serious Organised Crime Agency. Her last executive role was as Director General for Crime, Policing and Fire in the Home Office.

OpenSSH, an application installed by default on nearly every Unix-like and Linux system, has recently come under scrutiny due to a critical vulnerability discovered by Qualys. Designated as CVE-2024-6387 and aptly named "regreSSHion," this flaw exposes Linux environments to remote unauthenticated code execution. The implications of this vulnerability are far-reaching, potentially affecting countless servers and infrastructure components across the globe.

Nightfall has been named a Leader in Data Loss Prevention (DLP), Sensitive Data Discovery, Data Security, and Cloud Data Security in G2’s Summer ‘24 reports. We’d like to extend a huge thank you to all of Nightfall’s customers and supporters for making this possible. We’re also happy to acknowledge the Nightfall team’s tireless innovation, all in pursuit of helping customers to protect their sensitive data across the sprawling enterprise attack surface.

In a recent security disclosure, Microsoft has warned more of its clients that Russian hackers have accessed emails exchanged between them and the company. This breach, attributed to the notorious "Midnight Blizzard" hacking group, has raised significant concerns about the security of communications with Microsoft.

Vulnerability management is the continuous process of identifying and addressing vulnerabilities in an organization’s IT infrastructure, while patch management is the process of accessing, testing, and installing patches that fix bugs or address known security vulnerabilities in software applications. Vulnerability management and patch management are crucial SecOps processes that protect IT assets against cyber threats and prevent unauthorized access to secure systems.

It’s impractical to operate security operations alone, using manual human processes. Finding opportunities to automate SecOps is an underlying foundation of Zero Trust and an essential architecture component for enterprise-scale SOCs. Let’s discuss what SOAR is, its common uses, and the future of SOAR with AI.

In a world where cyber espionage has become as common as a rainy day in London, the recent events surrounding the UK armed forces' payroll database have had us all raising our eyebrows higher than a butler's in a posh British drama. The plot twists in the world of cybersecurity often reminds me of a Bond film, albeit with fewer martinis and more malware.

Researchers at ESET warn that malvertising campaigns are impersonating AI tools to trick users into installing malware. The Rilide infostealer, for example, is being distributed via a malicious browser extension posing as Sora or Gemini. “In the case of the malicious browser extension, it is delivered to victims who have been duped into clicking on malicious ads, typically on Facebook, that promise the services of a generative AI model,” the researchers write.

This month's product updates and enhancements rollup includes Egnyte for MS Teams - Drag and Drop functionality, enhancements to the Document Room Portal, and user management on the Android mobile app. Please visit the articles linked below for more details.