This Week in Technology

This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On July 12, 2024

Monday 7/8

The Growing Dichotomy of AI-Powered Code in Cloud-Native Security (Palo Alto Networks)

Amidst the allure of newfound technology lies a profound duality – the stark contrast between the benefits of AI-driven software development and the formidable security risks it introduces.

https://www.paloaltonetworks.com/blog/2024/07/the-growing-dichotomy-of-ai-powered-code-in-cloud-native-security/

Tuesday 7/9

You Cannot Pass ft. Bryon Singh, RailWorks Corporation

https://www.gothamtg.com/blog/you-cannot-pass

New cyberattack targets iPhone Apple IDs. Here's how to protect yourself.

A new cyberattack is targeting iPhone users, with criminals attempting to obtain individuals' Apple IDs in a "phishing" campaign, security software company Symantec said in an alert Monday.

https://www.cbsnews.com/news/cyberattack-iphone-apple-ids-how-to-protect-your-data/

Proactively Secure Serverless Functions Across AWS, Google Cloud and Azure with Falcon Cloud Security (CrowdStrike)

Cloud security is inherently complex, especially for emerging cloud technologies like serverless functions, which require strong collaboration between security and DevOps teams. These new protections from CrowdStrike strengthen the bridge between security and DevOps, allowing teams to innovate fast while keeping their serverless environments secure.

https://www.crowdstrike.com/blog/secure-serverless-functions-with-falcon-cloud-security/

Wednesday 7/10

The Top 10 Ransomware TTPs (Arctic Wolf)

With attacks and attack complexity increasing, it’s understandable that IT and security teams can feel like they’re fighting a losing battle against ransomware. But the security experts at Arctic Wolf Labs have identified ten major threat actor tactics, techniques, and procedures (TTPs) found in the majority of incident response engagements.

https://arcticwolf.com/resources/blog/the-top-10-ransomware-ttps/

Re-Introducing the VDI Handbook: Best Practices for Implementing Citrix VDI & DaaS (Citrix)

This handbook aims to show how virtualization and access challenges can be resolved in a manner that is technically sound but also feasible and effective for organizations facing deadlines and other organizational challenges.

https://www.citrix.com/blogs/2024/07/09/re-introducing-the-vdi-handbook-best-practices-for-implementing-citrix-vdi-daas/

Eliminate Lateral Movement Attacks with AI-Powered App Segmentation and Intelligent Policy Recommendations (Zscaler)

In today's dynamic digital landscape, traditional security models are no longer sufficient to protect against sophisticated threats. Organizations need to transition to a zero trust approach, where implicit trust is eliminated, and every access request is continuously validated.

https://www.zscaler.com/blogs/product-insights/eliminate-lateral-movement-attacks-ai-powered-app-segmentation-and

Thursday 7/11

Announcing Secure Application Workspaces with Pure Storage (Pure Storage)

Secure Application Workspaces (SAW) is now available with FlashBlade® and FlashArray™ with Purity updates, beginning in July 2024. Learn more about how this allows storage administrators to logically divide storage to better align with upstream demands.t

https://blog.purestorage.com/purely-technical/announcing-secure-application-workspaces-with-pure-storage/

Why Implementing Identity Security Doesn’t Have to Be Complicated (CyberArk)

Identity security is not only a complex and flexible tool but also a vital and urgent one. The traditional perimeter-based security model is no longer sufficient in the era of cloud computing, remote work and mobile devices.

https://www.cyberark.com/resources/blog/why-implementing-identity-security-doesnt-have-to-be-complicated

Friday 7/12

Nearly all AT&T cell customers’ call and text records exposed in a massive breach

The call and text message records of tens of millions of AT&T cellphone customers and many non-AT&T customers in mid-to-late 2022 were exposed in a massive data breach, the telecom company revealed Friday.

https://www.cnn.com/2024/07/12/business/att-customers-massive-breach/index.html

June 2024’s Most Wanted Malware: RansomHub Takes Top Spot as Most Prevalent Ransomware Group in Wake of LockBit3 Decline (Check Point)

Check Point’s Threat Index highlights a shift in the Ransomware-as-a-Service (RaaS) landscape, with RansomHub surpassing LockBit3 to take top stop as the most prevalent group. Meanwhile, researchers identified a BadSpace Windows backdoor campaign spread via fake browser updates

https://blog.checkpoint.com/research/june-2024s-most-wanted-malware-ransomhub-takes-top-spot-as-most-prevalent-ransomware-group-in-wake-of-lockbit3-decline/

Data Security Posture Management Demystified (Rubrik)

Data Security Posture Management (DSPM) is an approach to data security that solves one of the most complex issues in modern hybrid environments - knowing where all your data is and how it is secured.

https://www.rubrik.com/blog/technology/24/6/data-security-posture-management-demystified