Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Secure Access Service Edge (SASE) is a holistic security model that integrates both networking and security functions into a single, cloud-native architecture. SASE security combines secure network access, SASE cloud security and zero-trust technologies to create a unified approach to protecting the enterprise networks of today. SASE can be extremely useful especially for organizations adopting digital transformation and remote work. Some of the SASE benefits are.

Welcome to Corelight Labs' latest hunt! This blog continues our tradition of analyzing trending threat groups and TTPs on Any.Run and writing detectors for them, providing the community with open-source threat intelligence, and acting as a tutorial in engineering threat detections with Zeek Script.

Did you know that in 2023, the average data breach cost companies a whopping $4.45 million? Ouch! And with development cycles spinning faster than a hyper-caffeinated hamster, those risks are only multiplying. So how do you keep security from becoming a costly afterthought in this high-speed race? Enter Security as Code (SaC) – your secret weapon for weaving security into the very fabric of your development process.

The current era of distributed work requires delivery of truly borderless digital applications and services powered by the cloud, delivered via a secure network centered on high performance and best in class user experience. It is essential that your organization has visibility and real-time insights into the data flow across the extended enterprise network as well as the ability to apply the necessary People, Process & Technology safeguards for data in transit and rest.

Today, we published the Q3 2024 Cato CTRL SASE Threat Report, which summarizes findings from Cato CTRL’s analysis of 1.46 trillion network flows across more than 2,500 customers globally between July and September 2024.

In today’s digital environment, encrypted traffic has become the norm, with over 90% of web communications now utilizing encryption. While this secures data in transit, it has become a blind spot for enterprises, enabling attackers to hide malware within encrypted channels. According to the Q3 2024 Cato CTRL SASE Threat Report, organizations that enable TLS inspection block 52% more malicious traffic than organizations than don’t.

In a well-functioning network, each device communicates seamlessly with others, relying on unique IP addresses to maintain its identity and keep everything in sync. But what happens when this system breaks down, and two devices attempt to use the same address? IP conflicts are more common than you might think, causing unexpected disruptions that slow down or even halt network operations.

On November 14, 2024, Palo Alto Networks disclosed five critical vulnerabilities in its Expedition configuration migration tool, a solution designed to simplify the migration of firewall configurations from third-party vendors to Palo Alto Networks’ PAN-OS infrastructure. These vulnerabilities—tracked as CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466, and CVE-2024-9467—expose users to risks such as unauthorized access, data leakage, and system compromise.