Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In a world of digital security and authentication, JSON Web Tokens (JWTs) have risen as a secure and lightweight way to transmit user information between services. JWTs are used for everything from single sign-on to API authorization, and they play a key role in modern web development. This article will answer the questions of what JWTs are, how they work, and how to use them securely, while referencing five leading articles on the topic.

Outpost24’s threat intelligence researchers have been analyzing a corporate database seller known as “Lionishackers”. They’re a financially motivated threat actor focused on exfiltrating and selling corporate databases. This post explores how they operate, where their attacks are taking place, and the current level of threat they pose.

In the race to secure modern enterprises, Zero Trust Network Access (ZTNA) is gaining speed, and has become the default remote access solution for many enterprises. But while ZTNA is a fabulous on-ramp to Zero Trust and a broader security strategy, it’s not enough to secure the win on its own. Operationalizing Zero Trust requires takes than just access control. It requires a security platform play: convergence, continuous risk evaluation, and visibility across every edge.

In September 2024, Netskope Threat Labs reported on the XWorm malware and its infection chain. We revealed new XWorm command and control (C2) commands and dissected its notable features. After nearly a year of tracking this malware, we discovered a new version (version 6.0) in the wild, which introduced new features such as process protection and enhanced anti-analysis capabilities.

In today's complex network environments, ensuring complete visibility while optimizing resource utilization is paramount. Duplicate network traffic can overwhelm your monitoring infrastructure, create redundant alerts for SecOps, consume valuable storage, and obscure critical insights, making it harder for Network Detection and Response (NDR) solutions to spot genuine threats or anomalies. Network Packet Brokers often offer deduplication as a feature but it can add complexity and cost.

Back to Table of Contents Data Loss Prevention (DLP) plays a crucial role in protecting information such as personal, financial, and confidential business data from accidental exposure, malicious attacks, or insider threats. As businesses increasingly rely on cloud services and remote workforces, implementing effective DLP is essential to safeguard sensitive data, comply with regulatory requirements, and reduce financial and reputational risks.