Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today’s modern supply chains can be large and complex, involving many suppliers doing many different things. As digital transformation initiatives have accelerated, the ecosystem of suppliers has exploded. Effectively securing the supply chain is hard because vulnerabilities can be inherent, or introduced and exploited, at any point in the supply chain. Unfortunately, a compromised software supply chain can cause significant damage and disruption.

Medusa ransomware pivots to extortion, Infostealers evade macOS anti-malware, and the FBI and CISA issue a joint advisory for Androxgh0st malware.

CI/CD pipelines can be exploited in a number of ways and we're going to share a few with you.

The average cost of invoice fraud to middle-market businesses is almost $280,000 per year. Invoice fraud affects businesses of all sizes, and the levels of fraud have increased in part because it’s not possible to authenticate all invoices that come in manually, with many businesses paying out invoices without authentication if they’re under a certain amount. Today’s information security rules and regulations can’t keep up.

The financial landscape has undergone a monumental transformation, ushering in an era of digital lending that departs from traditional methodologies to embrace more streamlined and tech-driven processes. This paradigm shift has not only modernized the lending landscape but has also redefined how individuals access credit and financial services.

Artificial intelligence (AI) has been a hot topic of discussion this year among tech and cybersecurity professionals and the wider public. With the recent advent and rapid advancement of a number of publicly available generative AI tools—ChatGPT, Dall-E, and others—the subject of AI is at the top of many minds. Organizations and individuals alike have adopted these tools for a wide range of business and personal functions.

2023 saw two concerning attacks on public water systems, highlighting the fragility and risk to utility systems. In Pennsylvania, malicious hackers breached the Municipal Water Authority of Aliquippa system the night after Thanksgiving. The criminals were making a political statement: the technology used to manage water pressure was developed by Israel, and the criminals used this opportunity to choose a side in the ongoing conflict.

Targeted attacks in cloud security are on the rise, hitting businesses big and small. This surge in threats puts developers like you in a crucial position. You’re not just coding – you’re on the front lines against a variety of cybersecurity risks that are growing and changing every day. With 80% of companies encountering at least one cloud security incident in the last year, the relevance and utility of Cloud Threat Detection (CTR) tools becomes particularly apparent.

A suspected North Korean state-sponsored threat actor called “ScarCruft” is launching spear phishing attacks against cybersecurity professionals, according to researchers at SentinelOne.