For security leaders, staying vigilant and prepared is like wielding a well-crafted spellbook. OWASP, MITRE ATT&CK, and threat research are the critical chapters in this spellbook that leaders need to leverage to anticipate and counter emerging threats effectively, because you can’t afford for your organization to be ensnared by threats that could have been foreseen.

Because cyber dangers are always changing, businesses are moving toward safer and more proactive ways to keep their data and networks safe. Zero Trust Security is one of these frameworks that is becoming more popular. It is based on the idea of "never trust, always verify." Zero Trust constantly checks and authorizes every user and device before letting them access sensitive data or systems. This is done instead of thinking that internal users or devices are reliable.

In artificial intelligence (AI), especially within natural language processing (NLP), tokenization is a fundamental process that breaks down text into smaller, manageable units known as tokens. Depending on the specific task and model, these tokens can be individual words, subwords, characters, or even symbols.

Did you know that 68% of companies that hunt threats see their overall security improve? Cyber-attacks are getting trickier and more frequent. Thousands of new vulnerabilities emerge each month, and malicious actors are using advanced techniques—like fileless attacks—to bypass traditional defenses. If you still use outdated tools, you put your company at big risk. Serious threats like ransomware can mess up your systems leaving you open to bad breaches.

I’ve been working as an Application Security Auditor in Oupost24’s web application security testing team for almost three years now. Our team have shared several pieces of research over the past year, on topics including cross-site request forgery, cross-site scripting attacks, and weaponizing permissive Cross-Origin Resource Sharing (CORS) configurations.

Today, we published the Q3 2024 Cato CTRL SASE Threat Report, which summarizes findings from Cato CTRL’s analysis of 1.46 trillion network flows across more than 2,500 customers globally between July and September 2024.

IONIX today announced the release of our Cloud Exposure Validator, a tool designed to reduce cloud vulnerability management noise shifting focus to findings that represent the biggest threats. The Validator addresses the growing challenges organizations face in managing cloud security risks effectively. This blog post explains how.

Blind Cross-Site Scripting is a type of Cross-Site Scripting attack in which the injected script is executed in the context of another page and different circumstances compared to the page in which it was inserted. Blind XSS differs from regular XSS attacks as the attacker cannot see the effect of the injected script in his or her browser since the script is executed in a place that the attacker can not access.

A critical authentication bypass vulnerability has been identified in the WordPress plugin Really Simple Security (formerly known as Really Simple SSL), affecting both its free and Pro versions.

External risks, such as cyber scams, ransomware, and identity theft, often steal the limelight. Just look at the numbers: our threat lab reports that 105,571 malware attacks have been blocked daily in the last month, translating into one incident every second. However, insider threats, while more difficult to detect, can be just as damaging to organizations.