Cybersecurity Decrypted #49

700+ Companies Caught By Salesforce Breach – Including Security Giants Palo Alto & Zscaler 

Hundreds of technology vendors have been impacted by a widespread supply chain attack exploiting an integration between Salesforce and Salesloft Drift, an AI chatbot app. The attackers aimed to exfiltrate data from customer’s Salesforce instances, including credentials like AWS access keys, passwords, and Snowflake-related access tokens.

Ransomware Gang Exploits Azure Tools To Delete Cloud Backups, Microsoft Warns

Microsoft has warned that the ransomware group Storm-0501 has been observed stealing large volumes of data, deleting cloud backups and demanding ransoms, without relying on traditional malware deployment. “Unlike traditional on-premises …cloud-based ransomware introduces a fundamental shift,” the company said.

WhatsApp Exploit Used in “Sophisticated” Apple Device Attacks 

WhatsApp has fixed a vulnerability that could have allowed a user to steal content from Apple iPhone and Mac device. This has reportedly been used in a sophisticated attack against a targeted user. The exploit allowed hackers to “trigger processing of content from an arbitrary URL on a target’s device.”

Hackers Demand Google “Fire” Senior Threat Researchers Or Face Data Breach 

A group of cybercriminals going by the name of Scattered LAPSU$ Hunters have threatened to leak Google data unless they fire two named threat researchers. The hackers did not supply any evidence they had actually compromised any Google data. However, as Newsweek reports, ShinyHunters had been linked to a breach of Google’s Salesforce after a voice phishing scam in August.

Podcast: Vibe Coding: A More Secure Future?

What if vibe coding — the wave of developers using AI assistants to generate code — could actually lead to better security outcomes? On this episode, host Joel Witts is joined by Manoj Nair, Chief Innovation Officer at Snyk, to explore how AI is transforming the way we build and secure software.

Podcast Trailer: Introducing Women in Cyber

On Monday, we’re launching our new podcast series dedicated to amplifying the voices of women across the cybersecurity industry. In each episode, Caitlin hosts a panel conversation that showcases not only the technical side of cybersecurity, but also the personal stories, diverse career paths, and unique perspectives that women bring to this field.

Subscribe now to become part of a community where women can share experiences, celebrate achievements, and spark conversations that challenge the traditional assumptions of who belongs in cybersecurity.

Article: Best Ways to Track and Manage Vulnerabilities in Your Organization 

This article explores the importance of vulnerability management, the key principles for building an effective process, and the common challenges that teams may encounter along the way.

Article: Creating A Mobile Device Management Strategy For MacOS And iOS 

How to create and implement a robust MDM strategy for MacOS and iOS device fleet.

Cybernews: Fresh AT&T data breach could impact 24M users, hackers claim

SecurityWeek: Cloudflare blocks record breaking DDoS attack

TheGuardian: Jaguar Land Rover manufacturing and retail ‘severely disrupted’ by cyber incident

SecurityWeek: Varonis Acquires Email Security Firm SlashNext

BleepingComputer: No, Google did not warn 2.5 billion Gmail users to reset passwords

• Remote Monitoring & Management (RMM)
• Mobile Device Management (MDM)
• Email Security
• Identity & Access Management (IAM)
• Phishing Simulation
• Multi-Factor Authentication (MFA)
• Cyber Threat Intelligence

Podcasts

• Expert Insights Podcast
• Expert Insights Game Changers
• Expert Insights Explainers

Advertising

• Advertise with us

Expert Insights helps security and IT professionals make smarter, faster cybersecurity decisions.

Join our community, stay ahead with our podcasts, and get essential insights in our weekly newsletter. Trusted by over one million businesses.