Detecting phishing sites that constantly change can feel like trying to hit a moving target. We're taking a different approach by detecting (and blocking!) phishing in the browser by preventing creds being entered anywhere except legit login pages. pushsecurity.com/blog/introduci…

Check out our latest case study from Upvest! A major draw for Upvest was the power of our browser extension for identity threat detection and response, which we’re not seeing many other orgs in the ITDR space make use of. Read here: pushsecurity.com/resources/cust…

Are you heading to Identiverse next week? Luke Jennings will be delivering a technical masterclass demonstrating how to own a business without touching the endpoint, by targeting SaaS apps and identities. Don't miss it!

Check out our upcoming webinar with Luke Jennings where he'll be demoing the use of AitM phishing toolkits to compromise cloud identities! 😎 There are a few different time slots to choose from so you can catch this wherever you are. app.livestorm.co/push/phishing?…

1/ The ongoing Snowflake situation has made me realize just how dangerous ghost logins – a SaaS-based persistence technique that I coined last year – can be as an initial access vector. So what is a ghost login, exactly?

7/ Well, when we investigated, we discovered that if you enable SAML SSO for a Snowflake account for a local account with no MFA, the local password still works unless you explicitly create an authentication policy to prevent it.

The Snowflake breach will be for cloud identity attacks what WannaCry was for Ransomware. Join Luke Jennings to explore the practical takeaways from the incident. Select the best time for you using the dropdown menu. pushsecurity.com/webinar/snowfl…

Is the Snowflake breach, touted as the biggest in history, identity security’s WannaCry moment? Join Luke Jennings, VP R&D at Push, to explore what Snowflake shows us about the complexity of the identity attack surface, and discuss the practical steps that

If you missed my Snowflake webinar yesterday and you’re impacted by the recent breach, you can check out this link to the demo segment from the webinar, where I show how to disable ghost logins in Snowflake. Remember, this is not just a Snowflake problem pushsecurity.com/resources/vide…

Join us for happy hour with Sublime Security on August 8! Grab a drink, have a bite, catch up with old friends (and make some new ones) at KUMI in Mandalay Bay! RSVP: lu.ma/bh24-sublime-p…

I wrote a blog post on the many defense mechanisms phishing kits are using to avoid discovery and analysis now. I used a recent instance of NakedPages and cover 9 different techniques, including Cloudflare Workers and Turnstile abuse. IOCs included. pushsecurity.com/blog/how-aitm-…

Some of my research on SaaS attacks, including ghost logins and other persistence vectors, made it on to Darknet Diaries Achievement unlocked.

Don't miss out on our upcoming webinar where Luke Jennings will be demoing infostealers, showing how to steal cookies and hijack sessions for MFA-protected services like M365 and downstream SaaS apps. Details below 👇 Pick a time and register here: pushsecurity.com/webinar/infost…

Ready to meet the REAL cookie monster? Join us on September 12th where Luke Jennings will be compromising MFA-protected services by stealing session cookies and hijacking live sessions. Don’t miss out – register here: pushsecurity.com/webinar/infost…

Are you at GrrCON? Join us tonight for an epic evening of delicious food, refreshing drinks, and fantastic networking. Spots are going quickly! Register now: lu.ma/grrconhappyhou…

1/ A new class of phishing - how verification phishing and cross-idp impersonation can bypass your SSO. Here is a video demo, but this is one where you really need to read the full article too - pushsecurity.com/blog/a-new-cla… I'll summarize the key points in this thread.

We're ready for Black Hat Europe this week! Stop by booth 436 to chat with Adam Bateman //O, Luke Jennings and the team about the rise in identity attacks – and how Push's browser-based ITDR solution gives defenders the advantage they need. We’ve got brand new swag too!

Have you signed up to see Luke Jennings use OpenAI Operator to automate identity attacks? Watch the clip below to see how it responds when tasked with logging into apps using stolen credentials. Want to see more? Register for the webinar here 👇 pushsecurity.com/webinar/automa…

🚀 We’re thrilled to announce our $30M Series B led by Redpoint, supercharging our mission to stop identity attacks 🚀 Check out the press release here: pushsecurity.com/news/push-secu…

Attacks have moved away from endpoints and internal networks to the browser — a blind spot for traditional security tools. Read more below 👇 pushsecurity.com/blog/how-the-b…