Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

6 Ways to Prevent Man-in-the-Middle (MitM) Attacks

In today’s cyber attack scene, data often takes a detour – straight through hackers’ systems. Unlike phishing or ransomware, which aim to trick users into handing over credentials or stealing data directly from systems, a Man-in-the-Middle (MitM) attack involves an unseen intermediary trying to fool each of two parties into thinking he’s the other one, capturing and/or altering information communicated between the parties, etc.

How attackers take advantage of Microsoft 365 services

According to our most recent cloud security report, most cloud security incidents are the result of compromised credentials for either human or non-human identities. Once an attacker successfully controls an identity, such as a highly privileged user account, they can quickly move to other areas of an environment, including prevalent targets like sensitive data stores. This pattern of behavior is similar across all cloud platforms and services.

Bigger and badder: how DDoS attack sizes have evolved over the last decade

Distributed Denial of Service (DDoS) attacks are cyberattacks that aim to overwhelm and disrupt online services, making them inaccessible to users. By leveraging a network of distributed devices, DDoS attacks flood the target system with excessive requests, consuming its bandwidth or exhausting compute resources to the point of failure. These attacks can be highly effective against unprotected sites and relatively inexpensive for attackers to launch.

The Hidden Costs of a SIEM: The Need for a New Approach

Maintaining robust cybersecurity defenses comes with significant costs, but one area that often exceeds is the ongoing administration of Security Information and Event Management (SIEM) systems. The expenses associated with logging, storing, and managing SIEM data can escalate rapidly, especially when compounded by compliance and regulatory requirements. What are these hidden costs and how can you mitigate them while also ensuring compliance?

"One customer migrated 45 workflows in 60 days": A Q&A with Tines engineer Whitney Young

Why are so many security teams migrating from legacy SOAR tools to next-gen solutions? This was one of the topics up for discussion as Tines engineer Whitney Young joined host Adrian Sanabria on the Enterprise Security Weekly podcast. Read on for a behind-the-scenes look at Whitney’s process for legacy SOAR migrations, including her top tips for teams considering a switch.

Jit Achieves AWS Security Competency: A Milestone in Developer-First Security Innovation

We’re thrilled to announce that Jit has achieved the AWS Security Competency, a significant milestone that underscores our commitment to revolutionizing product security for developers and security teams alike. This recognition from AWS validates our leadership in the security space and highlights the value we bring to organizations looking to embed automated security into their development workflows.

Python NodeStealer Targets Facebook Ads Manager with New Techniques

In September 2024, Netskope Threat Labs reported a Python-based NodeStealer targeting Facebook business accounts. NodeStealer collects Facebook and other credentials stored in the browser and its cookie data. For over a year, we have tracked and discovered multiple variants of this infostealer. It is now targeting new victims and extracting new information using new techniques. In this blog post, we will dissect the development of the Python NodeStealer from multiple samples in the wild.

Vanta unveils new product innovations to move compliance beyond the standard

These days, the bar for proving trust keeps getting higher. A SOC 2 report used to signal the end of security reviews—now, it marks the beginning. Security and GRC teams are tasked with monitoring and remediating a growing web of controls, vendors, questionnaires, and risks, which is made even more complex by discerning buyers.

Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 & CVE-2024-9474

On November 18, 2024, Palo Alto Networks (PAN) fully disclosed two serious vulnerabilities in PAN-OS software that had previously been partially disclosed on November 8th. The first vulnerability, CVE-2024-0012, is a critical severity (9.3) authentication bypass in the PAN-OS management web interface. It allows unauthenticated attackers with network access to gain administrator privileges by bypassing the authentication check entirely, essentially telling the server not to check for authentication at all.