Hybrid work, which involves splitting the working week between in-office and remote work time, is the new normal that many companies have been adapting to after the COVID-19 pandemic crisis forced them to work remotely to continue providing services. A recent study indicates that, in fact, 58% of companies have been encouraged to promote a hybrid return to the office. In addition, it estimates that 48% of employees will be following a hybrid or remote model in the next two years.

Today’s organizations have a plethora of tools and technologies to protect their systems and assets. While this is certainly a privilege, it can sometimes be tough to keep up with the ever-expanding lists of acronyms and tools out there.

Kobalt.io is a Managed Security Service Provider (MSSP) with the mission of developing and managing cybersecurity programs for small and mid-sized businesses, making big-budget security affordable to smaller organizations. It builds on world-class frameworks and toolsets, combining the power of the cloud and data at scale to address the complexity of cybersecurity for small businesses.

In part one, we examined how threat actors abuse a OneNote document to install an infostealer. Part 2 of this series discusses an AsyncRAT infection chain while detailing important parts of the code. We’ll also quickly analyze other notable malware strains such as Qakbot and RemcosRAT.

The report reveals an unprecedented number of hard-coded secrets in new GitHub commits over the year 2022. And much more.

Threat actors are taking advantage of Microsoft OneNote's ability to embed files and use social engineering techniques, such as phishing emails and lures inside the OneNote document, to get unsuspecting users to download and open malicious files. Once clicked, an attacker can use the embedded code for various malicious purposes, such as stealing data or installing ransomware on victims' systems.

Hello everyone! I’m Yuval Adler, Customer Success Director at Zenity. I’m inviting you to read my blog series where I will share new Microsoft Power Platform DLP Bypass findings we uncovered.

JavaScript is the world’s most popular programming language, providing many web frameworks that help developers build secure, reliable Node.js web applications. Each framework has unique features, and which framework is right for you depends on your preference and the type of application you intend to create. With so many frameworks available, you need a way to assess their security.

CrowdStrike has repeatedly proven through independent, third-party testing why the CrowdStrike Falcon® platform is the trusted security choice of so many companies and organizations. The Falcon platform provides customers with 360-degree visibility across their entire attack surface, with advanced use of machine learning to automate threat detection and prevention, augment SecOps teams and stop breaches before they occur.