Author: Staff Writer

Top Highlights Machine Identity Blind Spot: Non-human identities (NHIs), including service accounts and API keys, now outnumber humans by up to 100:1, creating significant security vulnerabilities with orphaned credentials and "zombie" secrets especially amidst increasing cloud adoption and automation. Secrets Sprawl Threat: GitGuardian’s research reveals that 70% of valid secrets in public repositories remained active over three years, fueling security breaches in major organizations, underscoring that compromised credentials are linked to over 80% of breaches. Insufficient Traditional Solutions: Existing secrets managers fail to address comprehensive NHI governance; they can inadvertently increase risks of secrets leakage, with GitGuardian noting higher risks…

KDAN, a leading global Software-as-a-Service (SaaS) provider, announced the launch of LynxPDF, a comprehensive enterprise PDF management solution that combines artificial intelligence-driven document processing with self-hosted deployment options. The platform addresses critical business challenges including data security compliance, workflow efficiency, and digital transformation for enterprises worldwide, offering advanced features like intelligent document processing (IDP), offline capabilities, and enterprise-grade encryption. LynxPDF offers core PDF functions such as editing, conversion, signing, and encryption, while supporting advanced enterprise features, including offline capabilities, self-hosted deployment, batch processing, and single sign-on (SSO). Leveraging AI-driven Intelligent Document Processing (IDP), LynxPDF can automatically extract data from documents,…

Essential Insights Fog Ransomware’s Unique Tools: Fog ransomware utilizes an unusual toolkit, including open-source pentesting tools and Syteca, a legitimate employee monitoring software that captures keystrokes and screen activity, enabling attackers to gather sensitive information undetected. Attack Methodology: Initially observed in May 2022, Fog hackers exploit compromised VPN credentials for network access, use "pass-the-hash" techniques for admin privileges, and employ vulnerabilities in Veeam Backup and SonicWall SSL VPN servers to execute attacks. Discovery and Analysis: Recent investigations by Symantec and Carbon Black revealed new attack tools during a financial sector incident in Asia, highlighting software like GC2 for command-and-control operations…

CyberArk, the global leader in identity security, announced console and partner program updates designed to help Managed Services Providers (MSPs) drive profitable identity security-based growth. CyberArk MSP Hub is an evolved SaaS-based management console that offers a one-stop-shop entry point for MSPs to offer the CyberArk Identity Security Platform to their customer base, and will be supported by a new MSP-optimized partner program. “In a hyper-connected world, selecting the right MSP is about finding a trusted partner that strengthens both daily operations and cybersecurity posture,” said Micheal Steele, Sr. Security Operations Manager, Optiv. “With CyberArk MSP solutions, we have maximized efficiency, enabling us to focus on…

Essential Insights Operation Secure: Interpol’s multi-month initiative, involving over two dozen countries, targeted infostealer malware campaigns originating in Asia, leading to significant law enforcement actions. Massive Takedown: Authorities dismantled 20,000 IP addresses and domains, seized 41 servers, and confiscated over 100 GB of data, resulting in the arrest of 32 suspects, primarily in Vietnam and Sri Lanka. Victim Notification: Over 216,000 potential victims were informed of their compromised data due to infostealer malware, prompting them to take corrective action. Focus on Infostealers: The operation concentrated on nearly 70 malware variants, including Lumma, Vidar, and META Stealer, highlighting a continuous threat…

CrowdStrike expands protection for NVIDIA Enterprise AI Factories, integrates Falcon Cloud Security with NVIDIA universal LLM NIM microservices and NeMo Safety for secure cloud deployment CrowdStrike announced the integration of Falcon Cloud Security with NVIDIA universal LLM NIM microservices and NeMo Safety, delivering full lifecycle protection for AI and over 100,000 large language models (LLMs) in collaboration with NVIDIA. Expanding CrowdStrike’s protection for Enterprise AI Factories with NVIDIA, this new integration enables customers to safely run and scale diverse LLM applications across hybrid and multi-cloud environments from day one. From build, to runtime, to posture management, the CrowdStrike Falcon® platform is securing every stage of AI innovation powered…

Unique AI Vulnerability Research Yields Breakthrough ‘EchoLeak’ Discovery: First Zero-Click AI Vulnerability in Microsoft 365 Copilot Aim Security, the fastest-growing AI Security Platform, announced the launch of Aim Labs, a new advanced vulnerability research division dedicated to uncovering and mitigating the most sophisticated threats targeting AI technologies. Led by former Google leaders and top alumni from Israel’s elite Unit 8200, Aim Labs unites a rare combination of deep AI research and advanced cybersecurity expertise to drive innovation and set new standards for real-time defense through the proactive sharing of high quality threat intelligence. Cyber Technology Insights : CyberArk Empowers MSPs with New Console…

New release delivers instant fleetwide insights and streamlined workload management for engineering teams Codiac announced the release of Codiac 2.5, a major update to its unified automation platform for container orchestration and Kubernetes management. Designed to simplify and accelerate every stage of the software delivery lifecycle (SDLC), the new release empowers organizations to deploy, scale, and secure containerized workloads across multi-cloud, on-premises, and hybrid environments from a single intuitive interface, including major enhancements such as real-time fleetwide observability, advanced zero-trust cluster management, and seamless enterprise ingress management. “We have 45 different services and we are adding more every month. Configuring…

“All-in-One” platforms combine a full suite of must-have cybersecurity capabilities on a single, simple solution, backed by around-the-clock expert support. This unified approach maximizes cybersecurity ROI by eliminating the need for: Multiple security vendors Expensive integrations Personnel redundancies Manual monitoring and incident handling The organizational advantages and bottom-line benefits are clear. But what about the day-to-day user experience for security analysts? In this webinar, we’ve invited Cynet experts to answer that question. Tune in as they pop the hood on their popular All-in-One Cybersecurity Platform (which made history in the most recent MITRE ATT&CK Evaluations) and simulate real-world threat…

New browser extension delivers just-in-time security visibility and guardrails at the Workforce Edge. Nudge Security announced a new browser extension for its SaaS and AI security governance solution that detects identity risks and guides employees toward safe, compliant SaaS and AI use in real time. Modern work happens at the Workforce Edge, where employees make daily, independent decisions about what SaaS and generative AI apps to adopt, what data to share, and who and what gets access—outside the bounds of traditional IT security perimeters and controls. Cyber Technology Insights : CyberArk Empowers MSPs with New Console and Program for Identity Security Services Since 2022, Nudge Security has…