Decrypting SentinelOne Cloud Detection | The STAR™ Rules Engine in Real-Time CWPP

In this the fifth installment of our Detection Engine blog series, we examine the STAR Rules Engine and its role as one of five detection engines which work together as part of our cloud workload protection platform (CWPP) to detect, block, and respond to runtime threats impacting cloud workloads. (The first, second, third, and fourth […]

Customer Guidance on Emerging AnyDesk Cybersecurity Incident

AnyDesk, a remote desktop software vendor, has recently released confirmation of a cyberattack in which hackers were able to access the company’s production environment. AnyDesk stated that no authentication tokens were stolen during the attack, as these tokens only exist on the end user’s device and are associated with the device’s fingerprint. However, out of caution,

The Good, the Bad and the Ugly in Cybersecurity – Week 5

The Good | Recent Cyber Operations Combat Insider Threats and Disrupt Sophisticated Malware In a series of cyber arrests and operations this week, law enforcement agencies around the world made strides in taking down cyber threats across different regions. In the U.S., three former Department of Homeland Security employees, including a former Acting Inspector General,

Backdoor Activator Malware Running Rife Through Torrents of macOS Apps

Malware authors have long targeted the market for free, cracked apps available through torrent services: in recent years a variety of cryptominers, adware, browser hijackers and bundled software installers have all plied their warez this way, but a recent macOS malware first spotted by researchers at Kaspersky is currently running rampant through dozens of different

SentinelOne’s WatchTower | Transforming Proactive Defense with Advanced 24/7 Threat Hunting Capabilities

Security teams face an uphill battle as stealthy threats and Advanced Persistent Threats (APTs) become increasingly adept at slipping past conventional security tools, leaving organizations at heightened risk. It’s a game of digital hide-and-seek against well-funded and well-resourced adversaries that are proving to be ever more difficult to detect. The longer these threats go unnoticed,

Decrypting SentinelOne Cloud Detection | The Threat Intelligence Engine in Real-Time CWPP

In this the fourth installment of our Detection Engine blog series, we examine the Cloud Threat Intelligence Engine and its role as one of five detection engines which work together as part of our cloud workload protection platform (CWPP) to detect and block runtime threats impacting cloud workloads. (The first, second, and third posts in

The Rise of Drainer-as-a-Service | Understanding DaaS

A recent wave of Twitter/X account takeover attacks has seen multiple high-profile social media accounts compromised and used to spread malicious content aimed at stealing cryptocurrency. The attacks use a family of malware known as crypto-drainers, often supplied through Drainer-as-a-Service (DaaS) platforms. Some recent high-profile victims include the SEC and Mandiant. Crypto Drainers and

The Good, the Bad and the Ugly in Cybersecurity – Week 2

The Good | Cops Arrest Man Behind Babuk Spinoff, Tortilla Ransomware Dutch police, in cooperation with cyber security firms, have arrested an individual in Amsterdam alleged to be behind the Tortilla variant of Babuk ransomware. As a result of the operation, the threat actor’s decryptor tool was obtained and cybersecurity researchers were able to analyze

Decrypting SentinelOne Cloud Detection | The Application Control Engine in Real-Time CWPP

In the third installment of the Detection Engine blog series, we examine the Application Control Engine, one of five detection engines which work together as part of our cloud workload protection platform (CWPP) to detect and block runtime threats impacting cloud workloads. (The first and second blog posts discuss the Static AI Engine and Behavioral
