Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Blogs

Understanding Security Log Analytics vs. SIEM for Midsized Companies Targeted by Cybercriminals

SecOps teams at midsize companies face a unique set of challenges when it comes to managing organizational cybersecurity. Midsize companies (those with 100-999 employees and $50 million-$1 billion in annual revenue, according to Gartner) possess significant financial resources and valuable data that may be targeted by digital adversaries.

Making WAF ML models go brrr: saving decades of processing time

We made our WAF Machine Learning models 5.5x faster, reducing execution time by approximately 82%, from 1519 to 275 microseconds! Read on to find out how we achieved this remarkable improvement. WAF Attack Score is Cloudflare's machine learning (ML)-powered layer built on top of our Web Application Firewall (WAF). Its goal is to complement the WAF and detect attack bypasses that we haven't encountered before.

Geek Squad Scam 2024: What Is It and How to Prevent It

One of the email scams of the past few months is the Geek Squad scam. Similar to other phishing scams, this scam involves cybercriminals impersonating Geek Squad - a trusted tech support team from the American company Best Buy. As we learn more about the Geek Squad scam, including what it is and how to spot and prevent it, you will be able to protect yourself from it and learn techniques to defend yourself against present and future scams.

Transforming enterprise data from leaky sieve to Fort Knox

Enterprises today face significant challenges in managing, governing, and securing corporate data. Data moves and is shared more ubiquitously than we likely recognize. Whether it is used in large language models (LLMs), shared with third-party vendors, or exposed on the dark web, there are blind spots that hinder the security and IT teams’ visibility into where data resides and how and by whom it’s accessed.

Weekly Cyber Security News 25/07/2024

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! I’m sure some of you out there are still dealing with last week’s issue and never want to hear the word CrowdStrike again. Well, this might have helped.

How to Remove Risky Local Admin Rights - without Hurting User Productivity

Local administrator rights provide users with unrestricted access to their machines, enabling them to install applications, modify system settings and perform other administrative tasks. While this level of freedom can enhance productivity and flexibility, it also poses significant threats to security, compliance and business continuity. Accordingly, best practices recommend strictly limiting local admin rights.

Obtaining Fit-For-Purpose Cyber Insurance Amid a Volatile Market

After cyber insurance rates skyrocketed from late 2020 to 2022, when the majority of the market had little choice but to switch to a completely remote way of working, prices have slowly started to drop. This new downward trend is promising, as organizations are increasingly searching for the most cost-effective ways to manage their cyber risks and offset potential losses.

A step-by-step guide for embracing workflow automation

Workflow automation offers huge potential benefits for security teams, including improved incident readiness, faster time to value, enhanced team retention, and reduced errors. Whether your team is planning to embrace security automation for the first time or enhance an existing program, a clear roadmap is essential. In this post, I'll share a step-by-step guide for security teams looking to make the most of workflow automation and the technology that's allowing teams to work even faster: AI.

Repo Jacking: The Great Source-code Swindle

In this post, we explore a powerful, yet widely unknown attack vector which has emerged in the last couple of years known as ‘Repo Jacking’. During our research, we discovered the enormous potential to compromise software components with tens of millions of downloads across the Terraform IaC (Infrastructure as Code) and Composer (PHP package registry) ecosystems. Despite its power, Repo Jacking remains under-researched and frequently misunderstood.