Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In a world of digital security and authentication, JSON Web Tokens (JWTs) have risen as a secure and lightweight way to transmit user information between services. JWTs are used for everything from single sign-on to API authorization, and they play a key role in modern web development. This article will answer the questions of what JWTs are, how they work, and how to use them securely, while referencing five leading articles on the topic.

Outpost24’s threat intelligence researchers have been analyzing a corporate database seller known as “Lionishackers”. They’re a financially motivated threat actor focused on exfiltrating and selling corporate databases. This post explores how they operate, where their attacks are taking place, and the current level of threat they pose.

In the race to secure modern enterprises, Zero Trust Network Access (ZTNA) is gaining speed, and has become the default remote access solution for many enterprises. But while ZTNA is a fabulous on-ramp to Zero Trust and a broader security strategy, it’s not enough to secure the win on its own. Operationalizing Zero Trust requires takes than just access control. It requires a security platform play: convergence, continuous risk evaluation, and visibility across every edge.

In September 2024, Netskope Threat Labs reported on the XWorm malware and its infection chain. We revealed new XWorm command and control (C2) commands and dissected its notable features. After nearly a year of tracking this malware, we discovered a new version (version 6.0) in the wild, which introduced new features such as process protection and enhanced anti-analysis capabilities.

In today's complex network environments, ensuring complete visibility while optimizing resource utilization is paramount. Duplicate network traffic can overwhelm your monitoring infrastructure, create redundant alerts for SecOps, consume valuable storage, and obscure critical insights, making it harder for Network Detection and Response (NDR) solutions to spot genuine threats or anomalies. Network Packet Brokers often offer deduplication as a feature but it can add complexity and cost.

Back to Table of Contents Data Loss Prevention (DLP) plays a crucial role in protecting information such as personal, financial, and confidential business data from accidental exposure, malicious attacks, or insider threats. As businesses increasingly rely on cloud services and remote workforces, implementing effective DLP is essential to safeguard sensitive data, comply with regulatory requirements, and reduce financial and reputational risks.

In today’s hybrid, multi-cloud environments, managing accurate network data and enforcing policy consistency across diverse infrastructures has become a serious operational challenge. As enterprises navigate the complexity of multi-vendor architectures and evolving security requirements, gaps in IPAM (IP Address Management) accuracy can lead to operational disruption, misconfigurations, and audit risk.

As cyber threats grow in complexity and financial systems become increasingly reliant on interconnected digital infrastructure, the European Union’s Digital Operational Resilience Act (DORA) is redefining the technical and governance requirements for how financial entities and their Information and Communication Technology (ICT) service providers manage, withstand, and recover from operational disruptions.

ToxicPanda is a banking trojan designed to infiltrate your mobile device, stealing financial details by targeting banking & financial apps. The malware keeps evolving, with the developers behind it being quick to add new features, such as overlaying pin & pattern codes, overlaying credential inputs for specific banking apps, allowing cybercriminals to remotely take control of compromised bank accounts and initiate unauthorized money transfers.

AI adoption is rapidly increasing, and with that comes a steady influx of useful but potentially vulnerable tools and services still maturing in the AI space. The Model Context Protocol (MCP) is one example of new AI tooling, providing a framework for how applications integrate with and supply context to large language models (LLMs). MCP servers are central to developing AI assistants and workflows that are deeply integrated with your environment.