Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Total Economic Impact of BlueVoyant Managed Detection and Response (MDR) Services

In today's increasingly hostile threat landscape, organizations are grappling with a lack of resources and overworked security operations teams, making effective, full-coverage threat detection and response a significant challenge. BlueVoyant Managed Detection & Response provides a cloud-native solution that offers end-to-end consulting, implementation, and managed security services with 24x7 security threat detection and response.

From Zelle to Your Wallet: The Mechanics of Third-Party Phishing

Over the past year, BlueVoyant’s cyber threat analysts have identified a significant rise in third-party phishing tactics, most notably with a campaign impersonating the Zelle digital payment service. By mimicking a well-known payment site like Zelle, threat actors can evade detection more effectively while collecting credentials and personally identifiable information (PII) from online users of hundreds of financial institutions.

Introducing Tines Workbench

You trust us with your most important workflows, and we take that trust seriously. In developing AI in Tines, we’ve been laser-focused on helping users leverage AI without exposing their organizations to security and privacy risks. But we also spoke with so many teams struggling to fully realize AI's potential impact. They wanted AI to do more, while still preserving those all-important security and privacy guardrails.

Inside the Cloud: Cloud-Based Ransomware

This is the second in a series of articles about cloud-based attack vectors. Check out our last article about admin takeovers! Inside the Cloud: Attacks & Prevention – Administrative Account Compromise Ransomware has long been associated with takeovers of endpoints. However, attackers are evolving to target cloud environments – and the effects can be devastating.

Protecting APIs from abuse using sequence learning and variable order Markov chains

Consider the case of a malicious actor attempting to inject, scrape, harvest, or exfiltrate data via an API. Such malicious activities are often characterized by the particular order in which the actor initiates requests to API endpoints. Moreover, the malicious activity is often not readily detectable using volumetric techniques alone, because the actor may intentionally execute API requests slowly, in an attempt to thwart volumetric abuse protection.

WordPress Plugin and Theme Developers Told They Must Use 2FA

Developers of plugins and themes for WordPress.org have been told they are required to enable two-factor authentication (2FA) from October 1st. The move is intended to enhance security, helping prevent hackers from gaining access to accounts through which malicious code could be injected into code used by millions of websites running the self-hosted version of WordPress.

1Password deepens partnership with CrowdStrike to streamline and simplify business cybersecurity

Together, CrowdStrike and 1Password are working to ensure every identity, application, and device is protected from threats. Now, you can get the combined power of 1Password and CrowdStrike for less when you bundle 1Password Extended Access Management and CrowdStrike Falcon Go.

CEL and Kubescape: transforming Kubernetes admission control

Admission control is a crucial part of the Kubernetes security, enabling the approval or modification of API objects as they are submitted to the server. It allows administrators to enforce business logic or policies on what objects can be admitted into a cluster. Kubernetes RBAC is a scalable authorization mechanism, but lacks the fine grained control over different Kubernetes objects. This creates the need for another layer of control which is Admission Policies.