Over the past twenty years, I have navigated a unique journey through the cybersecurity landscape. My path has taken me from the realms of hacking and academia into the heart of threat intelligence (TI), culminating in my current role. Since I joined Cato in 2021, I’ve been leading security strategy and am proud to share the culmination of Cato’s research efforts in Cyber Threat Research Lab (Cato CTRL), our cyber threat research team.

On Friday, April 12, 2024, Palo Alto Networks PAN-OS was found to have an OS command injection vulnerability (CVE-2024-3400). Due to its severity, CISA added it to its Known Exploited Vulnerabilities Catalog. Shortly after disclosure, a PoC was published.

Every year, Bonnaroo, the popular music and arts festival, takes over a 700-acre farm in the southern U.S. for four days. While the festival is known for its diverse lineup of music, it also offers a unique and immersive festival experience filled with art, comedy, cinema, and more.

Cato Networks has recently released a new data loss prevention (DLP) capability, enabling customers to detect and block documents being transferred over the network, based on sensitive categories, such as tax forms, financial transactions, patent filings, medical records, job applications, and more. Many modern DLP solutions rely heavily on pattern-based matching to detect sensitive information. However, they don’t enable full control over sensitive data loss.

In an era where cyber threats evolve as rapidly as the technology they target, understanding the mindset of those behind the attacks is crucial. This was the central theme of a speech given by Etay Maor, Senior Director of Security Strategy, of Cato Networks at the MSP EXPO 2024 Conference & Exposition in Fort Lauderdale, Florida. Titled, “SASE vs.

A severe backdoor has been discovered in XZ Utils versions 5.6.0 and 5.6.1, potentially allowing threat actors to remotely access systems using these versions within SSH implementations. Many major Linux distributions were inadvertently distributing compromised versions. Consult your distribution’s security advisory for specific impact information.

The rapidly evolving technology and digital transformation landscape has ushered in increased requirements for high-speed connectivity to accommodate high-bandwidth application and service demands. Numerous use cases, such as streaming media, internet gaming, complex data analytics, and real-time collaboration, require we go beyond today’s connectivity trends to define new ones.

Cato XDR breaks the mold: Now, one platform tackles both security threats and network issues for true SASE convergence.

Phishing remains an ever persistent and grave threat to organizations, serving as the primary conduit for infiltrating network infrastructures and pilfering valuable credentials. According to an FBI report phishing is ranked number 1 in the top five Internet crime types. Recently, the Cato Networks Threat Research team analyzed and mitigated through our IPS engine multiple advanced Phishing Kits, some of which include clever evasion techniques to avoid detection.

In a recent ad on a closed Telegram channel, a known threat actor has announced it’s recruiting AI and ML experts for the development of it’s own LLM product.