Object-Graph Navigation Language (OGNL) is an open-source component of many web applications, known for its role in the infamous Equifax attack within the Apache Struts framework. However, a new critical…
The cloud workload security (CWS) market has been rapidly consolidating capabilities like cloud infrastructure entitlement management (CIEM), cloud security posture management (CSPM), etc., into their offering. But despite a more…
Cybersecurity trend 2: Data will be weaponized against cloud-based ML models Since AI and machine learning depend on training data to build their models, compromising that data is an obvious…
Introduction Pawn Storm (also known as APT28 and Forest Blizzard) is an advanced persistent threat (APT) actor that shows incessant and lasting repetitions in its tactics, techniques, and procedures (TTPs).…
The technology landscape moves fast – but some things remain remarkably unchanged. Despite the emergence of alternative platforms, email is still a primary communications channel for internal and external business…
The Endpoint Threat and Technology Landscape is Changing Threat actor groups, insider threats, and nation state actors are developing and leveraging new tactics and techniques to strike faster and evade…
The Ivanti Zero-Day vulnerability may not be getting the attention it deserves today, yet it carries substantial real-world impacts. A critical issue with this vulnerability is that the primary mitigation…
The security technology and architecture that the government chooses to invest in now must be positioned to remain at the forefront of cyberattacks today and in the years to come.…
Cyber asset discovery First, you need total visibility to be able to discover and continuously monitor known, unknown, internal, and internet-facing (external) assets. Siloed point products across endpoints, users, devices,…
Defense evasion by exploiting CVE-2023-36025 Once the malicious .url file exploiting CVE-2023-36025 is executed, it connects to an attacker-controlled server to download and execute a control panel item (.cpl) file.…
Growth Setup