Arctic Wolf Labs has been tracking two recent intrusions where threat actors leveraged a new Go-based malware downloader we are calling “CherryLoader” that allowed them to swap exploits without recompiling code. The loader’s icon and name masqueraded as the legitimate CherryTree note taking application to trick the victims.

Today, Cato is furthering our goal of simplifying security operations with two important additions to Cato SASE Cloud. First, we’re leveraging generative AI to summarize all the indicators related to a security issue. Second, we tapped ML to accelerate the identification and ranking of threats by finding similar past threats across an individual customer’s account and all Cato accounts.

The financial services industry stands as one of the primary targets for threat actors seeking to exploit vulnerabilities and perpetrate malicious activities. The criticality of safeguarding both an organization’s infrastructure and its clientele cannot be overstated. Amidst these challenges, the role of a comprehensive threat intelligence platform emerges as a beacon of proactive defense.

Did you know you're carrying a secret superhero around in your pocket? Introducing: Your smartphone.

In today’s digital world, is your data 100% secure? As more people and businesses use cloud services to handle their data, vulnerabilities multiply. Around six out of ten companies have moved to the cloud, according to Statista. So keeping data safe is now a crucial concern for most large companies – in 2022, the average data leak cost companies $4.35 million. This is where cloud security architecture comes in.

Security analysts continue to face an ever-evolving threat landscape, and their traditional approaches are proving to be quite limited. They continue to be overrun with security alerts, and their SIEMs often fail to properly correlate all relevant data, leaving them more exposed to cyber threats. These analysts require a more effective method to understand threats faster and reduce security risks in their environment.

The new guidelines to secure GitHub repositories are being followed by every enterprise. These new protocols were circulated after discovering a vulnerable loophole in the self-hosted action runner in August 2023. To know more about the vulnerability, how and who discovered it, and its mitigation, read further.

Applications are becoming the gateway for attackers to gain unauthorized access and perform their malicious activities on end-user devices. And when such a thing happens, not only the user but also the software development firm suffers. So, now it has become utterly important to ensure the app security with the best-in-class tools available.

In this blog post, Kevin Menezes, Sr. Manager, Customer Success, shares his best practices for getting started with Tines. Over the past decade, I've worked closely with security leaders at all types of organizations, from Fortune 10 companies to organizations with 10 employees, as they deploy new security products to help them optimize and streamline processes. And here's what I've learned - it’s unusual - but not impossible! - to onboard customers quickly.