#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News

Threat Detection | Breaking Cybersecurity News | The Hacker News

Category — Threat Detection
Cover Your SaaS: Why SaaS Data Protection is the Foundation of Modern Business

Cover Your SaaS: Why SaaS Data Protection is the Foundation of Modern Business

May 19, 2025
Data Resilience is No Longer Optional Even in 2025, over half of all businesses suffer devastating data loss from ransomware attacks, configuration errors, or system crashes — yet only 15% of enterprises treat SaaS data backup as a strategic priority. While that number is projected to surge to 75% by 2028 , many organizations today overlook this critical component and risk falling dangerously behind or worse.  Data protection is more than an IT issue, and it takes more than your standard backup solution to reconcile this problem. As threats evolve rapidly, data protection is now an essential strategic priority. Businesses must respond by building resilient, cloud-native backup strategies that ensure data stays protected, available, and uncompromised, no matter the circumstances. Breaking Free from Legacy Constraints with SaaS-Driven Flexibility The modern enterprise landscape has transformed. Hybrid and multi-cloud environments have overcome their once-trendy labels, having b...
Securing Tier 0 – A History of Escalating Protection

Securing Tier 0 – A History of Escalating Protection

May 12, 2025
Starting from ground 0 Active Directory is currently installed in over 90% of the Fortune 1000 companies . Because of its prevalence, and the value of the information it maintains, we know it's a primary target for threat actors.  To protect Active Directory and other valuable assets of similar sensitivity, Microsoft introduced the concept of the Red Forest, a security architecture designed to protect Active Directory forests from cyberattack. Red Forest worked to containerize a hardened forest, separate from other forests, using buffer zones and policies to restrict activity. This concept, also known as Enhanced Security Admin Environment ESAE) came about in 2014. The separation of high value, highly sensitive forests in Active Directory from other systems and assets is critically important to protect the content housed within. Using the most modern approach available at any given time will help to thwart threat actors who are continuously searching for a way to infiltrate yo...
Rethinking Cyber Defense with Zero Trust + AI

Rethinking Cyber Defense with Zero Trust + AI

Apr 14, 2025
Businesses are firmly in attackers' crosshairs. Financially motivated cybercriminals conduct ransomware attacks with record-breaking ransoms being paid by companies seeking to avoid business interruption. Others, including nation-state hackers, infiltrate companies to steal intellectual property and trade secrets to gain commercial advantage over competitors. Further, we regularly see critical infrastructure being targeted by nation-state cyberattacks designed to act as sleeper cells that can be activated in times of heightened tension. Companies are on the back foot. Leaders must be confident in their cyber posture: Are defenses up to the job of keeping attacks at bay? Does the leadership team have a complete understanding of the threats and risks the company faces? How can CEOs seize the initiative to get ahead of threats? Adoption of zero trust architectures to improve cyber defense Businesses that don't embrace true zero trust will find themselves increasingly vulnerable to br...
Locking Out Threats: The Evolving Threat of Account Takeovers

Locking Out Threats: The Evolving Threat of Account Takeovers

Apr 07, 2025
Multi-factor authentication has long been touted to protect accounts. Organizations implement it, feel protected and move on. But today's attackers have evolved and so should defenses. Preventing access is ideal. But in the event a bad actor gets access, containment becomes a priority. Threat actors aren't always spending their time actively forcing their way into accounts. Instead, they're taking the easy route, logging in with stolen credentials and using MFA bypass techniques.  Account takeovers (ATO) lets attackers slip into organizational environments unnoticed , where they can move laterally, escalate privileges, and quietly steal valuable information and data. And now, they're increasingly logging in even with MFA in place. From social engineering to session hijacking, the tactics have become more sophisticated and more dangerous. The Reality: MFA Can Be Bypassed Authentication is still crucial for defense, but standard MFA is quickly being outmaneuvered by bad actors....
What it Means to 'Fight AI with AI' using a Zero Trust Platform

What it Means to 'Fight AI with AI' using a Zero Trust Platform

Mar 31, 2025
It's been reported that a new, generative AI worm dubbed "Morris II" has emerged. And for many, this new, generative AI worm is an understandable reason to panic.  Pushing back against hysteria, however, we discover that Morris II only targets AI apps and AI-enabled email assistants. No attack is a good one, but at least this one's very specific. More importantly, the recognition that just as AI is helping to accelerate and automate attacks, it will also drastically improve security efficacy.  While AI threatens to overwhelm reactive security teams with the pace and sophistication of its onslaught, it can likewise enable proactive prevention through predictive processes and controls. This is critical to giving security teams the chance to withstand the barrage that awaits them. Scaling alongside AI-enabled attacks There are two proactive efforts that scale well when accelerated attacks become the norm. Neither of these efforts need to be AI-powered to be effective against...
Identity Attacks: Prevention isn't Enough

Identity Attacks: Prevention isn't Enough

Mar 10, 2025
SaaS applications are the backbone of modern organizations, powering productivity and collaboration. However, they also introduce critical security risks—identity sprawl, misconfigurations, and an expanding attack surface. Identity providers have become a prime target for threat actors, prompting security teams to focus on protecting identities across multiple SaaS environments. To mitigate these risks, many organizations adopt SaaS Security Posture Management (SSPM) to harden configurations, enforce least-privilege access, and maintain visibility over human and non-human identities. SSPM is an essential preventive tool that improves cyber hygiene by reducing the attack surface. Yet prevention alone is not enough in today's evolving threat landscape. Identity Threat Detection and Response (ITDR) is crucial to bridge this gap and enable organizations to detect and respond fast to active threats targeting their identity infrastructure. The Growing Threat to SaaS Identities The rise i...
Why Aggregating Your Asset Inventory Leads to Better Security

Why Aggregating Your Asset Inventory Leads to Better Security

Mar 03, 2025
For many organizations, managing IT assets is like trying to complete a jigsaw puzzle without all the pieces. Despite massive investments in security tools and controls, many companies still have critical gaps in their ecosystems that leave them vulnerable to breaches. Often, these gaps stem not from a lack of tools—if such a thing exists in security—but from incomplete visibility and integration across those tools. By aggregating and analyzing data from multiple systems, security leaders can gain a more robust picture of their IT inventory and subsequently, their security posture. The challenge with disparate security tools It's not unusual for enterprises to deploy a wide array of security tools. The average organization uses roughly 10 security tools, covering everything from endpoint management to identity and access control. These tools, however, often operate in silos, creating fragmented and occasionally contradictory reports. Let's look at a practical example. Conside...
Breathing New Life into a Stagnant AppSec

Breathing New Life into a Stagnant AppSec

Nov 14, 2024
If you're like most people, your inbox overflows daily with a mix of important messages, random ads, and updates you didn't ask for. It's easy to miss what really matters. This inbox-overload mirrors what's happening in AppSec: security teams are overwhelmed with endless alerts and notifications, with only a handful pointing to actual risks. And while infrastructure and development environments have evolved radically in the past decade, AppSec tools haven't kept pace. The result? Outdated tools that can't sift out the noise, leaving teams struggling to focus on real threats amid a flood of alerts. As CEO of Backslash Security , I frequently hear from AppSec professionals who feel like they're stuck in reactive mode, juggling outdated tools that weren't designed for today's complex, cloud-native environments. These tools flood them with alerts, stretching their focus between routine notifications and the critical issues that could genuinely impact their applications. A few years ...
Cybersecurity Resources