In the past, organizations could control how, when, and where their employees accessed sensitive data. Now, in the age of hybrid and remote work, employees can connect to company networks from any location over nearly any device. Safeguarding data while granting employees the access they need is a delicate balance. That’s where zero trust remote access solutions come into play.

The Cato CTRL and Cato Application Security Research teams recently discovered CVE-2023-49559, a directive overload Denial of Service (DoS) vulnerability in the gqlparser library, which is a crucial component in the development and running of GraphQL applications. The vulnerability is of medium severity (CVSS score of 5.3). The gqlparser library is an integrated component of the gqlgen Golang GraphQL server, widely used in web applications to handle GraphQL queries.

Are your legacy technologies slowing down your security operations? You’re not alone. Seventy percent of critical incidents take over 12 hours to resolve. Legacy SIEMs burden security teams with endless manual processes and agonizingly slow search speeds, delaying investigation and response while increasing the risk of a breach. The future of security requires next-gen SIEM technology built for scale and speed, powered by automation and AI.

This is the third article in a series about cloud-based attack vectors. Check out our last article about Cloud-Based ransomware! As Identity Access Management (IAM) becomes more complex, it becomes possible for an attacker to exploit the capabilities of legitimate permissions alone or in combination, escalating privileges and gaining potentially devastating levels of access. Because these privileges are legitimate, these attacks can be difficult to detect until the damage is already done.

Enterprise data consolidation and access have long posed significant challenges in the Security Operations Center (SOC). They often hinder security teams from effectively investigating and taking action on the vast amounts of data they are tasked with protecting. Traditional security tools frequently operate in isolation, lacking the compatibility to create a cohesive data strategy.

In the critical and constantly evolving identity security space, organizations are focused on three essential needs: While identity security disciplines like identity security posture management (ISPM), identity threat detection and response (ITDR) and privileged access management (PAM) address various aspects of these needs, none offer a complete solution.

In a time when everything said, whether factual, fake, or AI-created, may be recorded and posted on the internet, it’s more important than ever to ensure that what was recorded accurately represents a point in time. When someone claims you said, “I was Smoking on a flight, watching Star Wars, the best special effects movie of all time,” was that a false claim? Did they include the date and the context?

Today’s threat landscape is defined by adversaries’ increasing speed and quickly evolving tactics. Now more than ever, it is imperative organizations unify and accelerate their security operations to detect, identify and respond to threats at the rapid pace of the adversary. This isn’t always straightforward.

Email systems are vulnerable to a multitude of risks that can interfere with business operations. It’s impossible to embrace continuity without being fully aware of these risks, what they entail, and the repercussions that may follow. Here are the most common threats that organizations should be prepared for before and after they master BCP: There are many crisis types that can undermine your business continuity unless it’s enhanced with advanced solutions and protocols.

‍In response to the growing number of disparate cyber regulations across its member states, resulting in inconsistent cybersecurity practices, the EU drafted Directive 2022/2555, more commonly known as NIS 2. This sweeping directive, officially in effect in October 2024, aims to ensure a more uniform, proactive approach to cyber risk management across the union in the face of an interdependent market and increasingly costly risk landscape.