Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On March 1, 2024, SolarWinds published a security advisory reporting that SolarWinds Security Event Manager (SEM) is vulnerable to a high severity vulnerability that allows an unauthenticated threat actor to achieve remote code execution (RCE), CVE-2024-0692. The vulnerability lies in the configuration of the AMF deserialization endpoints. Exploitation can occur due to insufficient validation of user-provided data, allowing untrusted data to be deserialized.

Legacy data leak prevention (DLP) solutions are failing. Simply put, they weren’t built for business environments rooted in SaaS apps and generative AI (GenAI) tools. Meanwhile, security threats are evolving at a breakneck pace, with as many as 95% of enterprises experiencing multiple breaches a year. New attack surfaces are unfurling at a rapid rate following the switch to hybrid and cloud-based workspaces.

The US Department of Defense (DoD) has vast reserves of data, and the key to warfighter advantage is leveraging relevant data as a strategic asset to gain battlespace operational advantage, accelerating operational multi-domain decision-making at echelon scale.

Microsoft has been experienced a sustained attack by Russian-backed nation-state attacker Midnight Blizzard (also known as NOBELIUM). This blog examines all we know so far.

The rise of ChatGPT and Generative AI has swept the world by storm. It has left no stone unturned and has strong implications for cybersecurity and SecOps. The big reason for this is that cybercriminals now use GenAI to increase the potency and frequency of their attacks on organizations. To cope with this, security teams naturally need to adapt and are looking for ways to leverage AI to counter these attacks in a similar fashion.