Cybersecurity from Santa, office surveillance, Apple work/life balance issues, & more – ESW #386
This week, in the enterprise security news,
- Funding and acquisition news slows down as we get into the “I’m more focused on holiday shopping season”
- North Pole Security picked an appropriate time to raise some seed funding
- Breaking news, it’s still super easy to exfiltrate data
- The Nearest Neighbor Attack
- Agentic Security is the next buzzword you’re going to be tired of soon
- Frustrations with separating work from personal in the Apple device ecosystem
- We check in on the AI SOC and see how it’s going
- Office surveillance technology gives us the creeps
All that and more, on this episode of Enterprise Security Weekly.
Hosts
Adrian Sanabria
Principal Researcher at The Defenders Initiative
- 1. FUNDING: From Return on Security’s Security Funded Newsletter
FUNDING
- Upwind Secures $100M for a New CNAPP
- Tuskira Emerges from Stealth with $28.5M and challenges categorization
- Prompt Security raises $18M in a Series A
- VISO Trust raises an additional $7M for Third Party Risk Management
- 2. NEW COMPANIES: North Pole Security
Just raised a $4M Seed
- 3. NEW FEATURES: Fleet – Escrow Disk Encryption Keys
- 4. NEW TOOLS: GitHub – doxx/darkflare: DarkFlare Firewall Piercing (TCP over CDN)
Endless ways to exfiltrate data...
- 5. NEW TTPS: The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
An amazing story and a no-brainer hacking technique that pen testers will never be allowed to use.
- 6. MARKET RESEARCH: Agentic Security Marketmap
A useful market map of GenAI security startups
- 7. ESSAYS: Apple: Let us be Polymacous
The Mac ecosystem - where you're still forced to log in with your personal Apple account if you want half the operating systems' features to work...
- 8. AI USE CASES: AI SOC in Action: 4 Ways Security Teams are Leveraging AI Today
No surprises here, I don't think?
- Enhancing Threat Detection
- Automating Alert Triage with AI
- Reducing Analyst Burnout
- Solving Talent Shortage Problems
- Streamlining Incident Investigation and Accelerating MTTD/MTTR
- Automatically Prioritizing Alerts and Auto-Resolving False Positives
- Augmenting Threat Hunting
- Accelerating Malware Analysis
- 9. STUDIES: Modern workplaces increasingly resemble surveillance zones
The original research is here: https://crackedlabs.org/en/data-work/publications/indoortracking
- 10. SQUIRREL: Futuristic Holodeck Display
Awesome or lame?
