applications
APT28 Cyber Espionage Campaign Targets Logistics and Tech Companies, CISA Warns
By Christy Lynch This post summarizes the CISA advisory issued on May 21, 2025 and offers some additional recommendations from Reveal Security based on similar and recently observed attack patterns targeting SaaS ...
Let’s Talk About SaaS Risk – Again… This Time, Louder.
By Kevin Hanes, CEO of Reveal Security A few weeks ago, I shared a thought that sparked a lot of discussion: SaaS is not a black box we can ignore. It’s a ...
RSA 2025 Reflections: The Conversation Beneath the Noise
By Kevin Hanes, CEO at Reveal Security Like every year, RSA 2025 was a sensory overload – in the best and worst ways. The buzz of AI was everywhere. The show ...
From PyPI to the Dark Marketplace: How a Malicious Package Fuels the Sale of Telegram Identities
Introduction In today’s digital era, security breaches can occur in the blink of an eye. Telegram Desktop is renowned for its secure, user-friendly messaging interface, but what if the data used to ...
Permiso Launches Universal Identity Graph to Advance Zero-Trust IT
Permiso today added a Universal Identity Graph engine that makes it simpler for cybersecurity teams to visually map the relationship between individuals, applications and systems to better enforce zero-trust IT policies ...
Fair Ball or Foul Play? EU’s Digital Markets Act Puts App Security on Shaky Ground
Apple Inc, announced a fightback after the EU's Digital Markets Act (DMA) allegedly forced a compromise on the security of its products ...
Why SaaS Identity Abuse is This Year’s Ransomware
By Adam Koblentz Ransomware targeting endpoints and on-premises IT infrastructure has been a primary battleground for enterprise security teams in recent years. One of the highest-profile threat actor groups in this space ...
Snowflake and the Continuing Identity Threat Detection Gap Across SaaS and Cloud
By Adam Koblentz In recent weeks, a new wide-scale identity security incident has been unfolding that is refocusing the spotlight on important questions such as: Why are account takeover, credential misuse, and ...
Watch: “Behavior Doesn’t Lie:” The Power of ML for Identity Threat Detection and Response
Traditional security controls like MFA and PAM are bypassed easily by threat actors on a regular basis. Threat actors prefer breaking into organizations using legitimate credentials so they can achieve their goals ...
Why SaaS Identity Abuse is This Year’s Ransomware
Let’s explore some of the details behind this escalating threat to SaaS applications, what may be driving it, and what you can do to better protect your SaaS footprint from these types ...
