Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Microsoft was the most impersonated brand last quarter, accounting for a third (33%) of all brand phishing attempts in October, November, and December 2023, according to Check Point’s Brand Phishing Report for Q4 2023. Check Point notes, “The technology sector stood out as the most targeted industry overall, with Amazon securing second place with 9% and Google in third at 8%.

Trained security awareness professionals are aware that whatever someone says about themselves and personal experiences can be used against them in a social engineering scam. It is always good to share that message, at least once a year with co-workers, family members, and friends. I was reminded of this latest news story discussing a recent Instagram and TikTok trend. Basically, users are sent (or send) a “survey” that asks the receiver to describe themselves.

Data lineage and data provenance are related terms, but different. Lineage focuses on the origins and movements of data over time, while provenance focuses on the transformations and derivations of data from original sources. Provenance helps teams to follow the source of data and verify its authenticity, surfacing any potential risks or vulnerabilities. In other words, lineage is more about “where” data travels, and provenance is more about the “what” of data history.

Today’s adversaries are moving faster than ever. With the quickest attacks happening in just 7 minutes, adversaries are compromising endpoints and moving laterally before security teams can respond.1 It’s critical for organizations to have the technology to stay ahead of them.

There’s a term to describe what happens to something that gets sucked into a black hole: “spaghettification.” The gravitational pull of a black hole is so forceful, that it is believed to stretch and compress objects into long thin shapes resembling spaghetti. SOC analysts spend their days trying to avoid being sucked into the black hole of overwhelming security events and alerts. They’re fighting to not be spaghettified.

Kubernetes Service Account tokens are exploited in many attack chain scenarios. Learn how to mitigate these risks and secure your Kubernetes clusters effectively.

Part of being a part of the cybersecurity industry means looking ahead to the future and anticipating what’s to come. For most of us, we should expect a 2024 that is largely dominated by AI discussion. With the cybersecurity industry growing rapidly, AI is at the forefront of every organization’s cyber plans and plays an integral role in all technological advances.

Today’s cyber threat landscape necessitates that we, as defenders of the enterprise, place identities at the center of our detection, prevention and response efforts. Indeed, threat actor tactics and techniques observed in the wild demonstrate that credential theft presents a large risk to the confidentiality, integrity and availability of our systems - be they on premises or in the cloud.