July 16, 2024 at 07:22AM SaaS applications face growing identity-based threats, with cybersecurity experts lacking the means to detect and respond effectively. The US CISA emphasizes that 90% of cyberattacks start with phishing, while stolen credentials, over-provisioned accounts, insider threats, and non-human identity hijacking further highlight identity as a top attack vector. Implementing Identity Threat … Read more
April 19, 2024 at 05:47AM A security researcher at SafeBreach, Or Yair, outlined vulnerabilities associated with the DOS-to-NT path conversion process in Windows, dubbed “MagicDot,” during a Black Hat Asia 2024 session. The issues enable attackers to conceal and impersonate files, directories, and processes, leading to potentially dangerous post-exploitation capabilities. Yair detailed four related vulnerabilities, … Read more
November 20, 2023 at 03:08AM A proactive cybersecurity approach requires comprehensive information on threats and vulnerabilities. Malware sandboxes offer isolated environments to analyze malware, while threat intelligence feeds provide real-time information on threats. Combining these tools allows organizations to detect, analyze, and respond to threats more effectively, enhancing detection capabilities, reducing false positives, improving incident … Read more