Catching Luke Jennings talk on the evolution of attacks against Assad platforms 🔥 #socon2024

Can admins steal cloud password manager secrets? Tl;dr - Yes! I use Dashlane as an example but it’s a generic approach and may end up a hash dumping equivalent for the SaaS-native world. It’s worth understanding the details! pushsecurity.com/blog/can-my-ad…

We've put together an index of the latest identity-based attacks, focusing on examples of networkless and SaaS-SaaS attacks that have been publicly disclosed. These attacks can tell us a lot about where identity attacks are headed. Check it out! pushsecurity.com/blog/identity-…

Bypass MFA, own an Okta account, then persist after you are shut down. 1. Trick employee to auth to Okta via a transparent VNC session 2. Persist on downstream SaaS 3. SAMLJacking for "lateral movement" Check it out: youtube.com/watch?v=xZIQd_… #redteam #blueteam

Now you can detect and block identity attacks directly inside any web browser. 1. Stop corp password reuse and phishing 2. Detect EvilGinx/EvilNoVNC 3. Session Hijacking detection ... and more. Hear the full announcement on Patrick Gray risky.biz/snakeoilers19p…

In town for #RSAC next week? I have a (super brief) talk at the Decibel Oasis (on Tuesday) on why cybersecurity products need to focus a little less on war and a little more on love¹. lu.ma/Oasis_MeetUp __ ¹ With Thinkst Canary as a case-study.

This year Thinkst Canary cleared $19m in ARR. - We still have less than 40 people... - We still do "no" outbound sales... We believe more security-product companies can do this too, by focusing a little more on customer-love. We spoke about it at the Decibel event at RSAC.

While recommendations to enable MFA will certainly help combat these types of threats, it is important for organizations to understand the MFA is not a panacea. One example, described by Luke Jennings of Push , of how attackers can subvert MFA is Session Cookie Theft.

The Snowflake breach will be for cloud identity attacks what WannaCry was for Ransomware. Join Luke Jennings to explore the practical takeaways from the incident. Select the best time for you using the dropdown menu. pushsecurity.com/webinar/snowfl…

Some asked how to remove these ghost logins from Snowflake after migrating to SAML SSO. You can unset a user's password. The guidance is here: community.snowflake.com/s/article/How-…

Is the Snowflake breach, touted as the biggest in history, identity security’s WannaCry moment? Join Luke Jennings, VP R&D at Push, to explore what Snowflake shows us about the complexity of the identity attack surface, and discuss the practical steps that

1/ It’s fascinating how many layers of protection even poorly written AiTM phishing kits put in place to frustrate discovery now. I’m talking about the type of kit where the authors forgot to implement the JS encryption function placeholder they wrote so it returns clear text😂

Identity Threat Detection and Response…What is it and how do we define it? Adam Bateman //O from Push, breaks it down on the CloudSecurityPodcast and other tools you may need in your Security defenses. 🎧 Don’t miss this episode! bit.ly/3Z2rmL0 #ITDR #CloudSecurity

BDR: Browser Detection and Response thehackernews.com/2024/08/how-to…

1/ A new class of phishing - how verification phishing and cross-idp impersonation can bypass your SSO. Here is a video demo, but this is one where you really need to read the full article too - pushsecurity.com/blog/a-new-cla… I'll summarize the key points in this thread.

7/ At first, this might seem obvious, unrealistic or not that big a deal. Read the full article and dwell on it for a while. Trust me, the more you think about it, the more crazy you'll realize this is. Full article - pushsecurity.com/blog/a-new-cla…

Someone is using Evilginx to target customers of Onfido, part of Entrust, with a malicious Google advert that comes above the legitimate Onfido advert 🤯 Yes that us[.]com domain is actually an evilginx server - guess which advert is the malicious one

Thrilled to be partnering with Push to lead their Series B! Push is bring identity security to where work happens today - the browser. Hear from me, CEO Adam Bateman //O and Jordan Segall on why Push is the future of identity security:

A decade in, bootstrapped Thinkst Canary reaches $20M in ARR without VC funding | TechCrunch techcrunch.com/2025/05/29/a-d…

big news