Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Blogs

WordPress Plugin and Theme Developers Told They Must Use 2FA

Developers of plugins and themes for WordPress.org have been told they are required to enable two-factor authentication (2FA) from October 1st. The move is intended to enhance security, helping prevent hackers from gaining access to accounts through which malicious code could be injected into code used by millions of websites running the self-hosted version of WordPress.

Protecting APIs from abuse using sequence learning and variable order Markov chains

Consider the case of a malicious actor attempting to inject, scrape, harvest, or exfiltrate data via an API. Such malicious activities are often characterized by the particular order in which the actor initiates requests to API endpoints. Moreover, the malicious activity is often not readily detectable using volumetric techniques alone, because the actor may intentionally execute API requests slowly, in an attempt to thwart volumetric abuse protection.

Inside the Cloud: Cloud-Based Ransomware

This is the second in a series of articles about cloud-based attack vectors. Check out our last article about admin takeovers! Inside the Cloud: Attacks & Prevention – Administrative Account Compromise Ransomware has long been associated with takeovers of endpoints. However, attackers are evolving to target cloud environments – and the effects can be devastating.

Introducing Tines Workbench

You trust us with your most important workflows, and we take that trust seriously. In developing AI in Tines, we’ve been laser-focused on helping users leverage AI without exposing their organizations to security and privacy risks. But we also spoke with so many teams struggling to fully realize AI's potential impact. They wanted AI to do more, while still preserving those all-important security and privacy guardrails.

From Zelle to Your Wallet: The Mechanics of Third-Party Phishing

Over the past year, BlueVoyant’s cyber threat analysts have identified a significant rise in third-party phishing tactics, most notably with a campaign impersonating the Zelle digital payment service. By mimicking a well-known payment site like Zelle, threat actors can evade detection more effectively while collecting credentials and personally identifiable information (PII) from online users of hundreds of financial institutions.

Crystal Rans0m: Emerging hybrid ransomware with stealer capabilities

Crystal Rans0m is a previously undocumented hybrid ransomware family developed in Rust programming language seen for the first time in the wild on September 2nd, 2023. Interestingly, it does not only encrypt victim’s files, demanding a ransom for their release, but also steals sensitive information from the infected systems. This dual-threat approach means that attackers can double their leverage over victims, potentially increasing their chances of monetizing their attacks.

What's new in Cloud SIEM Content Packs: September 2024

Implementing a security incident and event management (SIEM) system can be complex and often requires considerable expertise. Teams need to configure a variety of data sources and ensure their SIEM can scale with growing data volumes. In addition, users need time to learn the system, which can delay value realization. And SIEMs also need continuous maintenance to ensure threat intelligence, detection rules, and integrations are up to date.

Critical triggers to reassess your SIEM: when and why to evaluate

You wouldn’t drive a car that hasn’t been serviced in a decade. So why are you still trusting a legacy SIEM solution? The world of cybersecurity is in a constant state of flux, and your security information and event management (SIEM) needs to keep up. If you’re not regularly reassessing it, you might as well roll out the red carpet for hackers. Let’s discuss when and why you should seriously consider giving your SIEM a much-needed check-up.