In recent weeks we’ve covered how criminals use bots to steal accounts across the web. Credential stuffing tools make this easy and quick to do. If you missed it, watch a live demo of the process in this webinar. In this post we’ll look in more detail at what happens next. How do criminals monetize stolen accounts? To answer this, we’ll use the example of streaming services – one of the quickest and easiest commodities for crooks to shift and make a quick profit.

“Never trust; always verify.” That’s the philosophy that drives the Zero Trust model, and it represents a major shift from the previous motto: “Trust but verify.” As threat actors have become more sophisticated, organizations have shifted their security frameworks away from a network-centric model and toward an identity-first model. Zero Trust assumes that every attempt to access an organization’s digital assets is from a threat actor until it can be proven otherwise.

This article explains what IGA is and the benefits it offers. It also clears up some misconceptions about IGA and offers guidance about what to look for when assessing candidate IGA solutions.

Every organization faces data security threats, which become more complex when integrating technologies like cloud computing or hybrid working options. That’s why it is critical to implement robust data protection to safeguard critical assets such as intellectual property, personally identifiable information, and sensitive financial data. This challenge is further augmented by the growing number of regulations imposed by governmental and industry bodies.

The EU tightens cybersecurity requirements for critical infrastructure and services with the new NIS2 Directive – what does this mean for small businesses?

Look closer before clicking that link at the top of your search results.

Enterprise browsers are built on a sensible idea, but how they work in practice can be another story.

The growing complexity of networks and connected devices makes implementing effective cybersecurity an increasingly complicated task. While businesses have shown more awareness of the need to elevate their security posture in recent years, several fundamental cyber hygiene issues still need to be addressed.

Welcome to the Threat Context monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber Threat Intelligence team. Here’s what you need to know from August.

NOTE: This research was recently presented at Black Hat USA 2024, under the title “From MLOps to MLOops – Exposing the Attack Surface of Machine Learning Platforms”. The JFrog Security Research team recently dedicated its efforts to exploring the various attacks that could be mounted on open source machine learning (MLOps) platforms used inside organizational networks.