A curated threat intelligence approach, in which aging data is managed based on current attack status, is crucial to preventing cybercrime.
Attackers are turning up the heat with advanced TTPs like Adversary-in-the-Middle (AiTM) phishing attacks to steal session cookies and bypass MFA security.
OSINT vs Commercial Threat Intelligence – A high-level overview weighing the pros and cons of each type of threat feed.
Remote Browser Isolation (RBI) is the piece of the SASE framework that is focused on securing the end user’s web browsing experience.
DNS Filtering and SWGs can offer core security functionality, but the SASE framework requires CASBs to extend threat protection to cloud apps.
Secure Web Gateways complement DNS Filtering to deliver the minimum level of threat protection capabilities required in a SASE framework.
Active Threat Alert: Protect against active phishing campaigns serving up personalized and uniquely randomized URL paths or subdomains.
This post illustrates how you can leverage the threat intel from honeypots to identify malicious payloads like CoinMiners to block cryptojacking attempts.
Threat Alert: zvelo’s PhishBlocklist identifies a very active USPS phishing attack using personalized URLs that target USPS customers.