Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The rapid growth we see ourselves in regarding technology has caused businesses to change to digital methods to secure data quickly. The time limitations businesses face to secure their data quickly and effectively may cause the security standards to drop, leaving companies wide open to cybercrime. Cybercrime remains a global problem in 2023, reflected in the rising costs of data breaches and increased attacks on businesses and people’s data.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A bit of a nightmare has surfaced…

GitGuardian scored a whopping eighteen G2 badges for Fall 2023, including Leader badges in two categories. Read on for details.

In 2019, I founded and served as the CEO of a cloud security company (C3M), a journey that eventually led to our acquisition by CyberArk in 2022. Back then, the cloud security scene was budding, filled with migration buzz and a shifting urgency around securing the cloud. Acronyms like CSPM (cloud security posture management) were emerging, and enterprise security leaders grappled with where to begin. Jump to 2023, and cloud security has transformed.

Splunk is proud to announce we’ve been granted four 2023 PeerSpot Tech Leader Awards! This honor is extended to just the top three solutions in four categories on the PeerSpot Buying Intelligence Platform. We’re particularly thrilled to be recognized by real users of Splunk Enterprise Security and Splunk SOAR that can speak to their features, functionality, and the business value they drive for their organizations.

The most often recommended piece of anti-phishing advice is for all users to “hover” over a URL link before clicking on it. It is great advice. It does assume that the involved users know how to tell the difference between rogue and legitimate URL links. If you or someone you know does not know how to tell the difference between malicious and legitimate URL links, tell them to watch my one-hour webinar on the subject. We are going to recommend a slight update on the rule.

Menlo Security warns that a social engineering campaign is using the EvilProxy phishing kit to target senior executives across a range of industries, including banking and financial services, insurance, property management and real estate, and manufacturing.

Gartner issued a press release that forecasted global security and risk management end-user spending to reach $188.1 billion, along with worldwide end-user spending on security and risk management projected to be $215 billion in 2024.

In an era where humans are becoming closer and closer to technology, it is reshaping the way we work and do business. This was a prevalent theme from the Microsoft Power Platform 2023 conference, and it was great to experience the event as it provided insight into the cutting-edge tools and strategies driving the next wave of business productivity.

Recently, Qualys discovered and reported a critical vulnerability affecting the popular GLIBC ecosystem, which is installed by default on most Linux-based operating systems. Specifically, a buffer overflow was found in the code responsible for handling special environment variables during the startup of a process which can result in a local privilege escalation. Fortunately, exploitation of this vulnerability can be detected by Falco.