
Cybersecurity | Breaking Cybersecurity News | The Hacker News

Category — Cybersecurity
Breach Fatalism is Over: Why Identity Threat Prevention Is the Future of Cybersecurity


May 19, 2025
Identity-based attacks are the #1 cause of breaches, often exploiting weaknesses in traditional identity platforms. It's time for a proactive approach that addresses these gaps and stops threats before they strike. Identity has become the primary attack surface in cybersecurity. According to Forbes, 75% of cyberattacks leverage identity-based threats. Threat actors gain access using stolen credentials, compromised devices, and deepfake impersonation techniques, often bypassing traditional defenses without detection. Many identity platforms rely on MFA, such as push notifications and one-time passcodes (OTPs), which were once considered secure but are now frequently exploited through phishing, MFA fatigue, and man-in-the-middle attacks. The rise of generative AI has made these threats more effective and more prevalent.  To compensate, organizations have deployed tools like Endpoint Detection and Response (EDR), Network Detection and Response (NDR), and Identity Threat Detection ...
Living Off the Land: What We Learned from 700,000 Security Incidents


May 19, 2025
While emerging risks like AI-generated malware capture headlines, the reality of today's threat landscape is more straightforward. Most modern attacks, including ransomware, are backed by manual hacking operations. Attackers carefully navigate systems, using a "Living Off the Land" (LOTL) approach, to exploit legitimate system utilities. To figure out exactly how common these LOTL binaries are, we analyzed 700,000 security incidents from our Bitdefender GravityZone platform along with telemetry data (legitimate usage) from the last 90 days. Security incidents were not simple alerts, but correlated events, and we analyzed the whole chain of commands to identify how frequently attackers are using LOTL binaries. The result? 84% of major attacks (incidents with high severity) involved the use of LOTL binaries. For validation, we also examined our MDR data and found a consistent trend: 85% of incidents involved LOTL techniques. While this was our internal research to suppor...
Cover Your SaaS: Why SaaS Data Protection is the Foundation of Modern Business


May 19, 2025
Data Resilience is No Longer Optional: Even in 2025, over half of all businesses suffer devastating data loss from ransomware attacks, configuration errors, or system crashes — yet only 15% of enterprises treat SaaS data backup as a strategic priority. While that number is projected to surge to 75% by 2028, many organizations today overlook this critical component and risk falling dangerously behind or worse. Data protection is more than an IT issue, and it takes more than your standard backup solution to reconcile this problem. As threats evolve rapidly, data protection is now an essential strategic priority. Businesses must respond by building resilient, cloud-native backup strategies that ensure data stays protected, available, and uncompromised, no matter the circumstances. Breaking Free from Legacy Constraints with SaaS-Driven Flexibility: The modern enterprise landscape has transformed. Hybrid and multi-cloud environments have overcome their once-trendy labels, having b...
JPMorgan CISO Spotlights SaaS Security Concerns. What Now?


May 19, 2025
The cybersecurity community has been buzzing about JPMorgan Chase CISO Pat Opet's open letter to third-party suppliers since its release right before RSA. This candid assessment from the security leader of one of the world's largest financial institutions has struck a chord, particularly his observations about SaaS security. Opet didn't mince words: "SaaS models are fundamentally reshaping how companies integrate services and data—a subtle yet profound shift eroding decades of carefully architected security boundaries." This statement encapsulates a reality that security professionals have been grappling with—the traditional security perimeter has dissolved, replaced by a complex web of interconnected SaaS applications, each with their own configurations, access controls, and data sharing capabilities. Let's break down the key issues highlighted in Opet's letter and explore practical solutions. The New SaaS Security Challenges: OAuth Vulnerabiliti...
Eliminating Public IPs: The Case for Zero Trust


May 15, 2025
In today's digital landscape, where cyber threats are becoming increasingly sophisticated and pervasive, organizations must take a hard look at their traditional security models. For over three decades, firewalls and VPNs have been the backbone of network security. However, as the threat landscape evolves, it's clear that these legacy systems are no longer sufficient. Enter the Zero Trust model, exemplified by innovative solutions like Zscaler, which could revolutionize the way your organization approaches cybersecurity. Understanding the Risks. Public IP Addresses as Attack Surfaces: One of the critical vulnerabilities inherent in traditional security models is the reliance on public IP addresses. These addresses serve as direct attack surfaces for malicious actors. Just as having your phone number in a public directory makes you susceptible to unwanted calls, exposing public IPs makes organizations vulnerable to cyberattacks. Attackers can easily discover these IPs, allowing th...
Securing Tier 0 – A History of Escalating Protection


May 12, 2025
Starting from ground 0: Active Directory is currently installed in over 90% of the Fortune 1000 companies. Because of its prevalence, and the value of the information it maintains, we know it's a primary target for threat actors. To protect Active Directory and other valuable assets of similar sensitivity, Microsoft introduced the concept of the Red Forest, a security architecture designed to protect Active Directory forests from cyberattack. Red Forest worked to containerize a hardened forest, separate from other forests, using buffer zones and policies to restrict activity. This concept, also known as Enhanced Security Admin Environment (ESAE), came about in 2014. The separation of high value, highly sensitive forests in Active Directory from other systems and assets is critically important to protect the content housed within. Using the most modern approach available at any given time will help to thwart threat actors who are continuously searching for a way to infiltrate yo...
Dissecting the 2025 Microsoft Vulnerabilities Report: Key Trends and Insights


May 05, 2025
Many of the day-to-day digital operations of businesses, governments, and critical infrastructure have one thing in common: Microsoft. From the Microsoft Windows operating systems powering endpoints and servers, to Azure's rapidly growing cloud services, Microsoft's products are everywhere, making the company and its products attractive targets for threat actors seeking to exploit vulnerabilities at scale.  With more than 1.4 billion Windows users around the globe and the adoption of platforms like Microsoft 365, Active Directory, and Azure surging, a single exploitable vulnerability in a Microsoft product can open the door to privilege escalation, lateral movement, or ransomware deployments that impact tens of thousands of interconnected systems. Whether nation state or financially motivated, modern cyber-crime syndicates will consistently take the path of least resistance, and vulnerable assets are a reliable attack vector. For twelve years, the Microsoft Vulnerabilities Repor...
AI, the Access-Trust Gap & The Droids We're Looking For


May 05, 2025
I have been a Star Wars fan since the moment I took my seat in the theatre and saw Princess Leia's rebel ship trying to outrun an Imperial Star Destroyer. It's impossible to see that movie (or its greatest successor, Andor) and not take the side of the underdog rebels, who are determined to escape the iron fist of imperial control. Of course, in my work as a security professional, "control" is the name of the game. I've spent as much of my career trying to stop my own end-users from going outside the lines as I have trying to guard against malicious outsiders. I personally still think I'm the good guy, since my ultimate goal is to protect sensitive data, but I understand why IT and security teams are often seen as the bad guys. After all, we do operate according to something called the "rule of no." It's not great branding, and increasingly, it just isn't working. Here's the situation in 2025: we have a galaxy's worth of diverse applications, devices, and user identities accessing...