Cybersecurity from Santa, office surveillance, Apple work/life balance issues, & more – ESW #386

Adrian Sanabria

1. FUNDING: From Return on Security’s Security Funded Newsletter

   FUNDING

   • Upwind Secures $100M for a New CNAPP
   • Tuskira Emerges from Stealth with $28.5M and challenges categorization
   • Prompt Security raises $18M in a Series A
   • VISO Trust raises an additional $7M for Third Party Risk Management
2. NEW COMPANIES: North Pole Security

   Just raised a $4M Seed

3. NEW FEATURES: Fleet – Escrow Disk Encryption Keys
4. NEW TOOLS: GitHub – doxx/darkflare: DarkFlare Firewall Piercing (TCP over CDN)

   Endless ways to exfiltrate data...

5. NEW TTPS: The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access

   An amazing story and a no-brainer hacking technique that pen testers will never be allowed to use.

6. MARKET RESEARCH: Agentic Security Marketmap

   A useful market map of GenAI security startups

7. ESSAYS: Apple: Let us be Polymacous

   The Mac ecosystem - where you're still forced to log in with your personal Apple account if you want half the operating systems' features to work...

8. AI USE CASES: AI SOC in Action: 4 Ways Security Teams are Leveraging AI Today

   No surprises here, I don't think?

   1. Enhancing Threat Detection
   2. Automating Alert Triage with AI
      • Reducing Analyst Burnout
      • Solving Talent Shortage Problems
      • Streamlining Incident Investigation and Accelerating MTTD/MTTR
      • Automatically Prioritizing Alerts and Auto-Resolving False Positives
   3. Augmenting Threat Hunting
   4. Accelerating Malware Analysis
9. STUDIES: Modern workplaces increasingly resemble surveillance zones

   The original research is here: https://crackedlabs.org/en/data-work/publications/indoortracking

10. SQUIRREL: Futuristic Holodeck Display

    Awesome or lame?