Remote Code Execution (RCE) is an attack technique where an attacker can execute remote code on a target system or device while smiling from ear to ear without physical access. In this attack, a hacker exploits system weaknesses such as software, operating systems, or network protocols to gain unauthorized access and execute malware onto the target system.

Businesses are under an ever-increasing pressure to maintain exceptional experiences for their customers, making seamless connectivity across tools a must. This is true for industries like financial services that need to provide enhanced digital payments, or for healthcare organizations that need to share critical data across systems quickly. The need for connected infrastructures has become the norm.

Due to the increased network attacks, hacks, and breaches, the demand for secure services, protocols, and employees in cyber security is higher than ever for businesses, healthcare, education, and any other institute dealing with personal information. This demand is reflected in businesses' advertisements for cybersecurity professionals, and the United States Bureau of Labor Statistics forecasts a 32% increase in cybersecurity jobs from 2022 to 2032.

In the summer of 2022, a few Twilio employees received an odd text message. Appearing to be from the internal IT department, these messages suggested employees need to reset expiring passwords through a specific URL. However, neither the URL or the message was legitimate, and the threat actors controlled the URL. They essentially tricked employees into giving away credentials, resulting in the compromise of over 130 connected organizations.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! A badly coded WordPress plugin again. Luckily it has been caught: Sneaky! DNS is such a great lure for using as a control channel. I’m really surprised its not used more: Oh dear. At least they found it in the end…

Recognizing the indicators of insider risk before they turn into threats requires a paradigm shift in the way we operate. It necessitates moving from a reactive mode of operation to proactive. And it requires data that is continuously captured and analyzed to enable security teams to easily see patterns and anomalies and gauge the level of risk of specific behaviors.

Last month, my colleague Arzu Ozbek Akay shared some insights about the impact that Bitsight Groma, our next-generation scanner, is already having on our products. Today, I’m going to follow that up with an update on the momentum we’re seeing with the second core component of our data engine: Bitsight Graph of Internet Assets (GIA). As a quick refresher, GIA uses advanced graph technology and AI models to map assets to specific organizations and build Ratings Trees at a global scale.

This blog is part of the ongoing “I&O Perspectives” series, which features insights from industry experts about the impact of current threats, networking, and other cybersecurity trends. As I embark on a new role with the Netskope Platform Engineering team, I am eager to explore how our company’s vision shapes the evolution of enterprise networking security.

When it comes to cybersecurity, ransomware is probably one of the first threats you think of. It seems like it’s everywhere — and it is. Ransomware is one of the most notorious cyber threats affecting individuals, businesses, and organizations globally. The frequency and impact of these attacks have surged in recent years, making it crucial to understand their nature and how to protect against them.