The Secret Weakness Execs Are Overlooking: Non-Human Identities

October 3, 2024 at 11:42AM Traditional perimeter-based security measures are no longer sufficient in today’s distributed cloud environments. The shift to a new gold standard of enterprise security, “zero trust,” emphasizes the importance of managing both human and non-human identities. Mismanaged identities have led to high-profile breaches, highlighting the need for comprehensive and continuous visibility, … Read more

Palo Alto Networks and Deloitte Expand Strategic Alliance Globally

October 1, 2024 at 04:55PM Palo Alto Networks and Deloitte have expanded their strategic alliance into EMEA and JAPAC regions, offering AI-powered cybersecurity solutions globally. This collaboration aims to streamline security operations, enhance platformized security solutions, and harness AI to combat evolving threats. Deloitte will offer Palo Alto Networks security solutions across its network, cloud, … Read more

THN Cybersecurity Recap: Last Week’s Top Threats and Trends (September 16-22)

September 23, 2024 at 08:06AM The past week’s cybersecurity landscape was a rollercoaster ride. Notable events include the dismantling of the Raptor Train botnet, North Korean hackers deploying a new malware, takedown of criminal networks iServer and Ghost, and developments in the Apple vs. NSO Group lawsuit. These incidents underscore the evolving nature of cyber … Read more

Passwordless AND Keyless: The Future of (Privileged) Access Management

September 20, 2024 at 07:39AM Traditional privileged access management (PAM) solutions struggle to effectively handle SSH keys, which functionally differ from passwords. SSH keys outnumber passwords and grant widespread access, yet aren’t managed centrally, posing a security risk. Modern ephemeral access solutions bypass the need to manage passwords or keys, offering improved security and reduced … Read more

As Geopolitical Tensions Mount, Iran’s Cyber Operations Grow

September 18, 2024 at 02:25AM Iran continues to escalate cyber operations by utilizing APT34, also known as Hazel Sandstorm, to target government ministries in Iraq and neighboring nations. The cyberespionage group aims to gather intelligence through email tunneling and malware programs. Analysts believe the primary objective is espionage, reflecting the evolving geopolitical landscape in the … Read more

Kick off early Octoberfest with an EUC-fest

August 22, 2024 at 06:29AM The IGEL DISRUPT Munich event on Sep 16-17 at the INFINITY Hotel will showcase the latest innovations in end user computing. Keynote speakers include Mark Templeton and IGEL’s CEO and CTO. Sessions will cover topics like Citrix deployments, Microsoft Azure Virtual Desktop, cybersecurity, and the future of hybrid multi-cloud EUC. … Read more

Rogue AI is the Future of Cyber Threats

August 15, 2024 at 09:26AM Summary: The blog discusses the emergence of Rogue AI as a future cyber threat and emphasizes the need for understanding and mitigating its risks. It outlines the concept of Rogue AI, its categories – malicious, accidental, subverted, and the importance of adopting a comprehensive and proactive security approach in the … Read more

Stolen Credentials Have Turned SaaS Apps Into Attackers’ Playgrounds

August 8, 2024 at 11:00AM AppOmni analyzed 230 billion SaaS audit log events, finding that most SaaS security incidents involve simple smash and grab incursions, with attackers using legitimate credentials for entry. The use of MITRE ATT&CK kill chain is minimal. AppOmni recommends implementing a full zero trust policy with effective MFA to prevent attacker … Read more

SaaS Apps Present an Abbreviated Kill Chain for Attackers

August 8, 2024 at 09:06AM Security researchers at Black Hat USA 2024 highlighted the evolving threat landscape for organizations due to the expanded use of SaaS applications. They revealed that attackers are leveraging valid credentials to breach SaaS environments, bypassing traditional cyber kill chain steps. It’s crucial for security teams to reassess defenses and implement … Read more

Verizon Business 2024 Mobile Security Index Reveals Escalating Risks in Mobile and IoT Security

August 8, 2024 at 05:46AM Verizon Business has released the 2024 Mobile Security Index (MSI) report, emphasizing the increasing threats to mobile and IoT device security. The report highlights the growing reliance on such devices and the associated security concerns, urging the adoption of robust frameworks and AI-driven cybersecurity solutions. The findings aim to inform … Read more