Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

cato networks

How Cato Turns Identity Noise Into High-Confidence Detections

Feb 16, 2026 By Dr. Guy Waizel In Cato Networks
Jeremy, the Head of IT, thought it was a normal Monday until his help desk was overwhelmed with login complaints. 37 employees couldn’t log in. Password resets were happening that nobody could explain, and some devices seemed to vanish from the identity directory. The worst part was that the identity logs did not show a clear break-in. There was no obvious malware and no dramatic spike, only routine-looking admin activity.
Read Post
Public Wi-Fi vs Secure Mobile Data: What Remote Workers Need to Know

Public Wi-Fi vs Secure Mobile Data: What Remote Workers Need to Know

Feb 16, 2026 By SecuritySenses In SecuritySenses
You can work from almost anywhere today, cafés, airports, hotels, even park benches. Free public Wi-Fi makes it easy to jump online fast. But is it really safe? Many remote workers don't think about security until something goes wrong. One weak network can expose emails, client files, passwords, and payment details in minutes. On the other hand, secure mobile data offers more control and privacy-but may cost more. So which option should you trust with your work? In this guide, we'll break down the real risks, clear up common myths, and help you choose the safest connection for your remote setup.
Read Post
What Network Observability Reveals That Traditional Monitoring Misses

What Network Observability Reveals That Traditional Monitoring Misses

Feb 15, 2026 By SecuritySenses In SecuritySenses
Modern enterprise networks have evolved into complex ecosystems that span multiple cloud environments, hybrid infrastructures, and countless interconnected devices. While traditional network monitoring has served organizations for decades, the increasing sophistication of cyber threats and the exponential growth in network traffic demand a more nuanced approach. Network observability emerges as the next evolution, providing unprecedented visibility into network behavior that traditional monitoring simply cannot match.
Read Post
WatchGuard

How to Protect Identity in a World Without VPNs

Feb 13, 2026 By Carlos Arnal In WatchGuard
For years, cybersecurity relied on a perimeter-based model, where the network defined the boundary between what was secure and what wasn’t. With the adoption of cloud computing, SaaS applications, and hybrid working, that control has shifted to identity, making credentials the primary target for attackers.
Read Post

Episode 8 - Enterprise Nervous System: Using Network Signal to Direct Business Strategy

Feb 12, 2026 By Corelight In Corelight
In this episode of Corelight Defenders, I’m joined by Bernard Brantley, Chief Information Security Officer at Corelight, as we delve into the concept of the enterprise nervous system. Bernard shares insights from his extensive experience in network analysis, explaining how organizations can leverage their network traffic data to enhance security and drive business outcomes. We discuss the importance of understanding the interdependencies between assets, processes, and goals, and how security teams can position themselves as integral to business success rather than just risk mitigators.
View Video
cato networks

Cato CTRL Threat Research: Foxveil - New Malware Loader Abusing Cloudflare, Discord, and Netlify as Staging Infrastructure

Feb 11, 2026 By Dr. Guy Waizel In Cato Networks
Cato CTRL has identified a previously undocumented malware loader we track as “Foxveil.” We observed evidence that the malware campaign has been active since August 2025, and we observed two distinct variants (v1 and v2). Foxveil behaves like a modern initial-stage loader: it establishes an initial foothold, frustrates analysis, and retrieves next-stage payloads from threat actor-controlled staging hosted on Cloudflare Pages, Netlify, and, in some cases, Discord attachments.
Read Post
lookout

Lookout Expands Protection Following Google's Disruption of the IPIDEA Proxy Network

Feb 11, 2026 By Lookout In Lookout
Last week, Google’s Threat Intelligence Group announced the disruption of IPIDEA, one of the largest and most abused residential proxy networks observed in the wild. IPIDEA quietly turned millions of consumer devices into proxy exit nodes, enabling cybercrime, espionage, and botnet activity—while putting users and enterprises at risk. At Lookout, we acted immediately.
Read Post
foresiet

FortiOS VPN Auth Bypass Flaw (CVE-2026-22153) Exposes Remote Access

Feb 11, 2026 By foresiet In Foresiet
LDAP is commonly used as a centralized authentication backend for VPN gateways. In a typical setup, users submit credentials to the VPN service, which forwards them to the LDAP server for validation. The VPN gateway then grants or denies access based on the response it receives. CVE-2026-22153 does not rely on malformed packets or memory corruption. Instead, it stems from flawed authentication logic, where certain LDAP response states can be misinterpreted under specific configurations.
Read Post
manageengine

DDI Central 6.1: Now with Windows credentials management, Windows bulk server import, RBAC for subnets and hosts, improved cluster dashboard, and more

Feb 10, 2026 By adithya.lk@zohocorp.com In ManageEngine
With the release of DDI Central 5.6, we brought in some of the major features—anomaly detection, DNS query and DHCP lease forecasting, record monitoring, zone versioning and Cisco DHCP integration—all to help you seamlessly and securely manage your organization's network operations. Now, DDI Central has come up with new enhancements and facilities with the new release DDI Central 6.1 this year.
Read Post
Arctic Wolf

CVE-2026-21643: Critical SQL Injection in FortiClientEMS

Feb 9, 2026 By Julian Tuin In Arctic Wolf
On February 6, 2026, Fortinet released fixes for a critical vulnerability in FortiClientEMS, tracked as CVE-2026-21643. The flaw arises from improper neutralization of special elements used in SQL commands in the FortiClientEMS GUI (web interface) that can allow an unauthenticated remote threat actor to execute unauthorized code or commands.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.