%term

How CrowdStrike Stops Living-off-the-Land Attacks

Oct 14, 2025 By Chris Prall In CrowdStrike

Adversaries have shifted their tactics away from traditional malware and toward approaches that exploit the very tools organizations rely on. Instead of introducing malicious files that can be blocked outright, attackers weaponize legitimate applications such as built-in Windows utilities, remote monitoring and management (RMM) tools, file transfer software, and administrative programs.

Read Post

CrowdStrike

Read more about How CrowdStrike Stops Living-off-the-Land Attacks

Stop Living-off-the-Land Attacks with Falcon Endpoint Security: Demo Drill Down

Oct 14, 2025 By CrowdStrike In CrowdStrike

Modern adversaries have shifted away from traditional malware toward weaponizing legitimate tools like RMM software, Windows utilities, and administrative programs. These "living-off-the-land" attacks blend seamlessly into normal business operations, making them extremely difficult to detect with traditional security tools.

View Video

CrowdStrike

Read more about Stop Living-off-the-Land Attacks with Falcon Endpoint Security: Demo Drill Down

Understanding the Colt Attack

Oct 14, 2025 By Sean Moran In JUMPSEC

As Jaguar Land Rover (JLR) announces a return to operations after a six-week disruption, a lengthier, less publicised UK-based cyber-attack recovery remains unresolved. Perhaps the relative quiet is because Colt Technology Services, a critical connectivity and trading network serving major banks and stock exchanges in ~30 countries, is not a household name like JLR, Co-Op, or M&S. Or perhaps it’s because the narrative doesn’t fit the now-expected Scattered Spider storyline.

Read Post

JUMPSEC

Read more about Understanding the Colt Attack

What's Going On at Salesforce? - The 443 Podcast - Episode 347

Oct 13, 2025 By WatchGuard Technologies In WatchGuard

This week on the podcast, we discuss the wave of extortion attacks targeting companies that use Salesforce. After that, we discuss Discord's breach involving their customer support application. Finally, we dive deep into the recent Oracle E-Business Suite zero-day vulnerability and how attackers chained together multiple low-severity findings into a critical issue.

View Video

WatchGuard

Read more about What's Going On at Salesforce? - The 443 Podcast - Episode 347

Understanding Account Takeovers

Oct 10, 2025 By Arctic Wolf In Arctic Wolf

The identity attack surface is expanding faster than ever. Every new cloud application, remote login, and digital touchpoint creates another entryway threat actors can exploit, targeting the very credentials that give employees, customers, and partners access to critical systems. One of the top, tried-and-true identity attack techniques threat actors have utilized with great success is called an account takeover.

Read Post

Arctic Wolf

Read more about Understanding Account Takeovers

Inside the Crimson Collective Attack Chain-and How to Break It with Zero Standing Privileges

Oct 10, 2025 By Gabriel Avner In Apono

New details are emerging in recent weeks on how the Crimson Collective threat group has been conducting a large-scale campaign targeting Amazon Web Services cloud environments. Recent reports highlight how easily the attackers progressed once they obtained valid credentials. The Crimson Collective claims to have exfiltrated ~570 GB across ~28,000 internal GitLab projects; Red Hat has confirmed access to a Consulting GitLab instance but hasn’t verified the full scope of those claims.

Read Post

Apono

Read more about Inside the Crimson Collective Attack Chain-and How to Break It with Zero Standing Privileges

Mobile App Security Assessment: Identifying Risks Before Attackers Do

Oct 10, 2025 By Lookout In Lookout

Misconfigurations in storage and encryption settings can put your mobile apps at risk, but so can social engineering attacks. Mobile devices are powerful productivity tools, enabling your staff to work from almost anywhere. They can also be security risks, sharing sensitive data outside of a tightly controlled office environment. If smartphones and tablets are integral to your organization’s day-to-day workflows, a mobile application security assessment should be part of your cybersecurity strategy.

Read Post

Lookout

Read more about Mobile App Security Assessment: Identifying Risks Before Attackers Do

10 Signs Your Company Needs Managed Cybersecurity Services

Oct 10, 2025 By SafeAeon Inc. In SafeAeon

Cyberattacks are becoming more frequent and costly for businesses all around the world. Despite investing in solid IT/security teams, businesses are struggling to ward off cyberattacks. There are three main problems with in-house teams: limited staff, restricted budgets for advanced tools, and a lack of specialized expertise to cover every threat. So, what’s the solution? Managed Cybersecurity Services.

Read Post

SafeAeon

Read more about 10 Signs Your Company Needs Managed Cybersecurity Services

SquareX Shows AI Browsers Fall Prey to OAuth Attacks, Malware Downloads and Malicious Link Distribution

Oct 9, 2025 By SquareX

As AI Browsers rapidly gain adoption across enterprises, SquareX has released critical security research exposing major vulnerabilities that could allow attackers to exploit AI Browsers to exfiltrate sensitive data, distribute malware and gain unauthorized access to enterprise SaaS apps. The timing of this disclosure is particularly significant as major companies including OpenAI, Microsoft, Google and The Browser Company have announced or released their own AI browsers. With Chrome and Edge alone representing 70% of the browser market share, it is very likely that the majority of consumer browsers in the future will be AI Browsers.

Read Post

Read more about SquareX Shows AI Browsers Fall Prey to OAuth Attacks, Malware Downloads and Malicious Link Distribution

Enterprises take nearly a week to grant new hires full access to critical workflows

Oct 9, 2025 By Teleport In Teleport

Half of enterprise respondents cited identity-related tasks as causing 'problematic levels of manual work' for staff, impeding the ability to react to identity-based attacks in time.

Read Post