Given the high level of complexity in securing enterprise IT systems, it can be extremely difficult to keep track of changes in the organization’s overall security posture. It’s even more complicated to ensure that the dozens of security controls in place to protect the organization’s IT (and OT) assets are functioning properly and configured securely.

The cybersecurity landscape has recently been shaken by a surge in activity involving a Mirai distributed denial-of-service (DDoS) botnet variant known as CatDDoS. Over the past three months, threat actors have aggressively exploited more than 80 vulnerabilities to spread this malware. In this blog, we explore the recent CatDDoS attacks, the targeted sectors, and the implications for cybersecurity practices.

When former University of Tennessee women’s basketball coach Pat Summitt retired in 2012, she had more wins than anyone in college basketball history. And yet, when asked about winning, the Vols legend is famously quoted as saying: “Winning is fun … Sure. But winning is not the point. Not giving up is the point. Never letting up is the point. Never being satisfied with what you’ve done is the point.”

At the end of April 2024, we introduced Semantic Versioning and release channels to Snyk CLI, changes that were well received by our customers. Building on that momentum, we aim to design the CLI so that it not only helps you do your job well but also brings you joy in doing so. We invite you to accompany us on this path to discover together. In today’s blog post, Neil and I, the design and product duo for Snyk CLI, will share the following three things with you.

Threat actors prefer deploying tools which appear genuine and expected in a business IT environment. This provides camouflage for their toolset, blending into organisations' application portfolios. NetSupport Manager, a remote access tool, has been utilised by system administrators since its release in 1989 and has been used by threat actors since at least 2016.

What and where is our most critical data or system(s)?

Threats to sensitive data are everywhere. From sophisticated cybercriminal syndicates to accidental exposure to nation-state-backed advanced persistent threat (APT) groups and everything in between, it's never been more critical for organizations to have the correct data protection tools.

Last week, CISA added CVE-2024-1086 to its Known Exploited Vulnerability Catalog. CVE-2024-1086, a use-after-free vulnerability in the Linux kernel’s netfilter, was disclosed on January 31, 2024 and assigned a CVSS of 7.8 (High). If successfully exploited, it could allow threat actors to achieve local privilege escalation. While there was no evidence of active exploitation at the time of disclosure, we have since observed adversaries targeting CVE-2024-1086 in the wild.

CISOs face more cybersecurity challenges today than ever. As technology gets more advanced, so do the bad guys. Cyberattacks are becoming more clever and dangerous. On top of that, there’s no shortage of rules, regulations, and personal risk that CISOs must navigate. We surveyed 200 CISOs to better understand the biggest challenges they face today. Here’s some of what we learned.

Insights about getting started with the MITRE ATT&CK framework, including real-world examples for integrating and improving detection capabilities.