HEAT
Browsing blind: Understanding the dangers of limited browser visibility
The browser has emerged as the most widely used enterprise application today. That’s good news for users who need to access corporate data and business tools from anywhere with a reliable Internet ...
How Legacy URL Reputation Evasion (LURE) attacks easily bypass current security tech
Whether it’s the push for fully remote work, in-office work, or a hybrid workstyle, the conversation around how and where employees will work continues. But guess what? To cybercriminals, this conversation doesn’t ...
Digital smugglers: How attackers use HTML smuggling techniques to beat traditional security defenses
It’s hard to imagine a time when the web browser wasn’t the critical enterprise productivity app. Many enterprise workers born in the 1990s likely don’t recall when the web browser wasn’t the ...
Escalating evasive browser attacks: Understanding the whys
Cybersecurity is a perpetual challenge of strategy and adaptation. Threat actors find a vulnerability, and, eventually, security vendors plug the hole. Attackers find another way into the network, and a patch is ...
Real-world examples of Highly Evasive Adaptive Threats (HEAT) in the news
Despite some good news from the recently released 2023 CyberEdge Cyberthreat Defense Report (CDR), high-profile breaches continue to plague the industry. From Rackspace to Twitter to GitHub, businesses, organizations and government agencies ...
Malicious password-protected files: The issue of prioritizing business decisions over security policies
Attackers are constantly crafting new ways to evade enterprise cybersecurity defenses. Consider both how phishing attacks and the delivery of malware are evolving. In this case, through password-protected files to infect endpoints ...
The art of MFA Bypass: How attackers regularly beat two-factor authentication
Whether it’s cloud-based productivity suites, powerful analytics platforms, the largest of enterprise ERP systems, and every application in between — to get work done, the web browser is the modern go-to application ...
The illusion of safety: Unmasking evasive browser attacks for a secure cyber landscape
Security used to be pretty straightforward. Enterprises would build a strong perimeter defense in front of a robust data center and shore up entry points into the network—ensuring that malicious actors couldn’t ...
Is RBI the key to the White House’s new cybersecurity strategy?
The Biden administration announced a new national cybersecurity strategy earlier this month. As digital transformation continues to radically change how the country lives, works, communicates and plays, the new federal cybersecurity strategy ...
The difference between Highly Evasive Adaptive Threats (HEAT) and advanced persistent threats (APT)
In the fast-paced world of enterprise security, the last two years have seen a whirlwind of change unlike any other. The rise of remote work, cloud migration, and Software-as-a-Service (SaaS) applications has ...