AffirmedSystems
@affirmedsystems
Followers: 28K | Following: 15K | Media: 616 | Statuses: 13K
CLOUD ASSURE™ from Affirmed Systems is the low latency real-time aware platform to manage public and private clouds. #CloudAssure #LowLatency #NeutralCloud
New York, NY
Joined August 2010
What does the next decade of security look like? 🌐 Find out tomorrow on X. @Shirastweet hosts live interviews with Elad Koren and our leadership team to discuss our latest innovations and what is next in cybersecurity 🛡️ ▶️ Tomorrow, Secured | March 24 | 10am PT
Introducing a new standard of security for the AI Enterprise. From the first secure agentic browser to automated network trust, we’re securing autonomous work. 🟧 Prisma AIRS 3.0 🟧 New Innovations in Prisma SASE 🟧 Next-Generation Trust Security See what's new.
The Stryker breach just got worse. After the initial compromise - attributed to Iranian-linked group Handala Hack - attackers used legitimate Microsoft Intune admin credentials to issue remote-wipe commands across corporate devices globally. They didn't deploy malware. They
cyberinfos.in
Cybersecurity weekly report covering zero-day exploits, ransomware trends, supply chain attacks, and major breaches across industries.
You do not want to miss an exclusive first look at the breakthroughs defining the next decade of cybersecurity. Join us next week for Tomorrow Secured, live on X, to unpack Palo Alto Networks' latest innovation roadmap. 📆 March 24 | 10am PT
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
bleepingcomputer.com
CISA warned U.S. organizations to follow Microsoft guidance to strengthen the Intune endpoint management tool after a cyberattack exploited it to wipe medical technology giant Stryker's systems.
Microsoft introduces Backup and Recovery for Microsoft Entra ID! Entra Backup and Recovery solution enables you to quickly recover from malicious attacks or accidental changes by reverting your core tenant objects to any previous state within the last 5 days. With automated
An attacker floods a switch with many fake MAC addresses, causing it to act like a hub and forward traffic to all ports.
What is this attack called?
A. MAC Spoofing
B. MAC Flooding
C. ARP Poisoning
D. VLAN Hopping
I watched a network engineer troubleshoot a slow API. He opened Wireshark. He clicked the capture interface. He clicked the red stop button after 30 seconds. He scrolled through thousands of packets, looking for the HTTP conversation. He was squinting. I asked if he enjoyed the
After gaining access to a system, attackers often begin by identifying which users are currently logged in. Active sessions represent authenticated identities that the system already trusts. If a privileged account is active, the attacker may be able to interact with that session
Passwords are only one part of authentication. Once a user successfully logs in, most systems create a session that proves the user has already authenticated. That session can remain valid for minutes or hours depending on the system configuration. As long as the session exists,
If one of your Global Admins got popped, you should assume compromise of all M365 services and the data within it, all Azure services and the data within it, all on-prem services and the data within it. It's highly likely they can also pivot to SaaS and other 3rd party clouds
"Executives had personal phones wiped because corporate MDM was installed on their private devices!!" Wiping devices is honestly the least concerning thing a TA could have done with that level of access... TAs don't honor the "we won't look at your stuff, pinky swear" IT policy
Kim calls out a detail in the attack on Stryker that will get lost in medical/national security headlines. Executives had personal phones wiped because corporate MDM was installed on their private devices!! Without proper personal backups, personal assets are potentially
Lessons from the Stryker Cyberattack
linkedin.com
Lessons from the Stryker Cyberattack: Protecting the Cloud Admin Plane Before It Becomes a Kill Switch
The Stryker Intune Remote Wipe incidents highlight that detection & response capabilities should extend beyond the attack vectors often published. The destruction of services should be detected if it exceeds a certain threshold within a sliding window. More in 🧵
Doing some napkin math, I estimate just under 3 hours (fully optimized) to wipe 200K devices via Intune API.
If an attacker were unaware of API limits being per app, that bumps to ~5.5 hours under ideal conditions.
What happens if all admin devices are wiped first? 🤔 😳 🥺 😭
Linus Torvalds created Linux at 21 without Claude or any other AI.
- He didn't have a co-founder.
- No VC funding. No office.
- No team.
- Just a personal project he posted to a mailing list: "I'm doing a free OS."
33 years later, it runs 97% of the world's servers,
Rule 5: “High volume of DNS queries to newly registered domains”
Trigger: Living-off-the-land C2 or data exfil.
Action: Block domain at firewall + investigate source.
These 5 rules are simple but effective. Which rule are you most proud of tuning this week? Drop it below 👇