Aggregator
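FBI Warns of AI Voice Scams Impersonating U.S. Government Officials
Critical Risk (CVSS 9.1): Auth0-PHP SDK Flaw Threatens More Than 16 Million Downloads
Part 123: Threat Modeling and Guided Monitoring in the U.S. NSA's Tutelage System for Building an APT Defense Middle Layer
Pwn2Own: Firefox Hacked with JavaScript Zero-Days - Exploit Details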
The Enterprise Readiness Playbook: Transform Your B2B SaaS from Startup to Enterprise-Grade
Discover the comprehensive roadmap for B2B SaaS companies to achieve enterprise readiness. Learn essential infrastructure requirements, compliance frameworks, enterprise features, and go-to-market strategies from a serial founder who scaled through product-led growth.
The post The Enterprise Readiness Playbook: Transform Your B2B SaaS from Startup to Enterprise-Grade appeared first on Security Boulevard.
AI Hallucinations and Their Risk to Cybersecurity Operations
Let’s Talk About SaaS Risk – Again… This Time, Louder.
By Kevin Hanes, CEO of Reveal Security
A few weeks ago, I shared a thought that sparked a lot of discussion: SaaS is not a black box we can ignore. It’s a rich, dynamic attack surface – and one that attackers are increasingly targeting. That urgency was echoed powerfully in JPMorgan CISO Patrick Opet’s open letter to SaaS vendors. That letter stuck with me. It was direct, overdue, and – perhaps most importantly – public. So I want to return to this topic, because we’re still not talking about it enough. And we need to.
SaaS Is the New Enterprise Perimeter
We’ve long known our software supply chains carry risk. But something has shifted. SaaS apps – from email to collaboration platforms to CRM tools – have become deeply embedded in enterprise workflows. They’re where your customers are served, where your data lives, where your employees and contractors operate every day. That also makes them fertile ground for adversaries.
We’ve seen this in many high-profile breaches: where the damage happened not on the network but in a third-party SaaS app. These are scenarios where the attacker has credentials — maybe stolen, maybe exploited — and proceeds to move laterally, conduct recon, and then manipulate workflows or exfiltrate data. The threat is real and it’s growing. We’ve seen reports in the last couple of weeks on this pattern described as an ‘insider threat’. Among these are the North Korean IT workers’ hacks into U.S. companies using stolen identities and the attack against Coinbase, in which threat actors recruited and bribed support agents to steal customer data from the company’s customer support systems.
No One Gets to Hide Behind the Shared Responsibility Model Anymore
Patrick Opet emphasized the need for a shift in how we approach SaaS security: “Software providers must prioritize security over rushing features. Comprehensive security should be built in or enabled by default.” “We must modernize security architecture to optimize SaaS integration and minimize risk.”
This hits a nerve. The shared responsibility model — especially in SaaS — has too often become a shield vendors use to deflect accountability. But the reality is: shared responsibility can’t mean shared blindness. Let me be clear: it’s not just about the provider. It’s about how we as defenders secure access and then monitor what happens after authentication. SaaS providers rarely give you the telemetry to know when something unusual is happening inside your tenant. Traditional SIEM and endpoint tools don’t cut it here. And many organizations have no visibility at all into how identities are behaving across their ecosystem (dare I say “network”?) of SaaS applications. That’s exactly the blind spot attackers are counting on.
So What Do We Do About It?
We start by acknowledging the risk. SaaS isn’t “someone else’s problem.” It’s part of your infrastructure — and it deserves the same rigor as anything behind your firewall. Mandiant also stresses the importance of this in a recent investigations report noting the rise of adversaries targeting SaaS applications: “SaaS applications pose an interesting dilemma for organizations as there is a gray area of where and who should conduct monitoring to identify issues. For the applications where proprietary or guarded information exists, Mandiant recommends that an organization ensures they have a robust logging capability that their security teams can review for signs of malicious intent.”
Second, we push for better from our vendors. I applaud Pat’s leadership in doing that. It takes courage to challenge an ecosystem that’s historically under-incentivized to prioritize enterprise-grade security.
Finally, we invest in visibility, detection and response capabilities purpose-built for SaaS. That’s what we’re doing at Reveal Security: helping enterprises detect abnormal and malicious identity behavior inside and across cloud and SaaS applications — not through static rules or anomaly scores, but by understanding the typical behavior of each identity and flagging deviations that matter. We do this for all workforce identities — human, non-human, AI, or bot.
Because let’s face it: adversaries don’t care about the shared responsibility model. They care about taking what’s yours. And if you don’t know what’s happening inside your apps, they already have the upper hand. Let’s keep this conversation going — openly, urgently, and with the shared understanding that cloud and SaaS security is enterprise security. The more we treat it that way, the better prepared we’ll be.
– Kevin
The post Let’s Talk About SaaS Risk – Again… This Time, Louder. appeared first on RevealSecurity.
The post Let’s Talk About SaaS Risk – Again… This Time, Louder. appeared first on Security Boulevard.
More_Eggs Malware Uses Job Application Emails to Distribute Malicious Payloads
The More_Eggs malware, operated by the financially motivated Venom Spider group (also known as Golden Chickens), continues to exploit human trust through meticulously crafted social engineering. Sold as a Malware-as-a-Service (MaaS) to notorious threat actors like FIN6 and Cobalt Group, this potent JavaScript backdoor primarily targets human resources (HR) departments by masquerading as job application […]
The post More_Eggs Malware Uses Job Application Emails to Distribute Malicious Payloads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Trojanized RVTools push Bumblebee malware in SEO poisoning campaign
RVTools hit in supply chain attack to deliver Bumblebee malware
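CrowdStrike and NVIDIA Team Up to Secure Enterprise AI Deployments
VUZ Receives $12 Million for Its Immersive Video Experiences in Emerging Markets and the U.S.
Red Hat Announces RHEL 10, Launches Developer Preview for the RISC-V Architecture
Leading the Pack! 360 Named CNNVD "Outstanding Technical Support Unit of the Year" Among Multiple Honors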
RedisRaider Campaign Targets Linux Servers by Exploiting Misconfigured Redis Instances
Datadog Security Research has uncovered a formidable new cryptojacking campaign dubbed “RedisRaider,” specifically targeting Linux servers with publicly accessible Redis instances. This sophisticated Linux worm employs aggressive propagation techniques and advanced obfuscation to exploit vulnerabilities in misconfigured Redis servers, deploying a customized version of the XMRig miner to mine Monero cryptocurrency. The threat actor behind […]
The post RedisRaider Campaign Targets Linux Servers by Exploiting Misconfigured Redis Instances appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits and Wipers
Serviceaide Cyber Attack Exposes 480,000 Catholic Health Patients’ Data
Serviceaide, Inc. announced a significant data security breach affecting approximately 480,000 Catholic Health patients. The incident, which occurred due to an improperly secured Elasticsearch database, exposed sensitive patient information for nearly seven weeks between September and November 2024. Though no direct evidence of data theft has been confirmed, the company cannot rule out unauthorized access […]
The post Serviceaide Cyber Attack Exposes 480,000 Catholic Health Patients’ Data appeared first on Cyber Security News.
Service desks are under attack: What can you do about it?
Standards for a Machine‑First Future: SPICE, WIMSE, and SCITT
Discover how SPICE, WIMSE, and SCITT are redefining workload identity, digital trust, and software supply chain integrity in modern machine-first environments.
The post Standards for a Machine‑First Future: SPICE, WIMSE, and SCITT appeared first on Security Boulevard.