Latest news with #PicusSecurity


Techday NZ
2 days ago
Picus Security warns of rising enterprise password breaches
Picus Security has released the Blue Report 2025, revealing findings from over 160 million attack simulations in enterprise environments that raise concerns about the effectiveness of current cyber defence measures. The report indicates that password security is deteriorating, with researchers finding that passwords were cracked in 46% of environments tested, nearly double last year's figure of 25%. The Blue Report attributes this to ongoing reliance on weak or outdated password policies.

Password vulnerability

Weak passwords and inadequate password management were at the centre of the report's most alarming figures. In almost half of the tested environments, at least one password hash was successfully cracked. This upward trend suggests that enterprises are falling behind adversaries in the fight to maintain secure authentication processes.

"We must operate under the assumption that adversaries already have access. An 'assume breach' mindset pushes organizations to detect the misuse of valid credentials faster, contain threats quickly, and limit lateral movement - which requires continuous validation of identity controls and stronger behavioural detection," said Dr. Süleyman Ozarslan, co-founder of Picus Security and VP of Picus Labs.

Stolen credentials and data exfiltration

The report found that attacks using valid credentials were successful in 98% of cases. This means that threat actors employing techniques such as MITRE ATT&CK T1078 (Valid Accounts) can evade defences almost without opposition. The researchers stated that these results make stolen credentials "practically unstoppable."

Compounding the problem, just 3% of data exfiltration attempts were stopped by security systems, representing a sharp fall from the 9% prevention rate observed in 2024. This figure points to a growing risk of large-scale data theft for most enterprises.

Ransomware trends

The Blue Report also highlighted the continued prominence of ransomware, with certain strains remaining especially difficult for organisations to counter. For instance, BlackByte was cited as the hardest variant for enterprises to prevent, with a prevention effectiveness rate of only 26%. Other notable strains, BabLock and Maori, achieved prevention rates of 34% and 41% respectively. The result suggests ransomware operators have maintained an advantage in bypassing contemporary defences.

Detection gaps

The research identified significant deficiencies in early detection. Notably, prevention effectiveness for discovery techniques such as System Network Configuration Discovery and Process Discovery scored below 12%. According to Picus Security, this exposes substantial gaps in detection efforts, leaving organisations with a markedly reduced capacity to identify and contain threats promptly.

Erosion of defence effectiveness

Across the broader set of tested enterprise environments, Picus Security observed a decline in overall prevention effectiveness from 69% in 2024 to 62% in 2025. The company cited failures in detection rule configuration, persistent logging gaps, and suboptimal system integration as factors undermining situational awareness and defensive resilience.

Although logging coverage remained steady at 54%, only 14% of attack attempts yielded alerts, meaning most malicious activity is able to proceed unobserved. The report summarises that defences can deteriorate rapidly without constant oversight and validation of security tools and policies.

Increased infostealer malware activity, a rise in double-extortion ransomware attacks, and the increased ability of attackers to move laterally between systems after stealing credentials, all contribute to heightened exposure for enterprises in 2025.

Methodology

The Blue Report's findings are based on attack simulations executed by Picus Security customers from January to June 2025. Simulations were conducted in production environments using the company's Security Validation Platform and were analysed by Picus Labs and Picus Data Science teams. The report provides insights across different industries and includes specific recommendations aimed at helping organisations identify and address key risks.


Toronto Star
3 days ago
Picus Security Finds 46% of Enterprise Passwords Vulnerable to Cracking — 2X Increase From 2024
SAN FRANCISCO, Aug. 11, 2025 (GLOBE NEWSWIRE) — Picus Security, the leading security validation company, today released the Blue Report™ 2025, based on more than 160 million real-world attack simulations in live production environments. Now in its third year, the report provides a data-driven assessment of how well security controls perform against today's threats — and this year's findings are the most concerning to date. While cyberattacks grow in both volume and sophistication, defensive effectiveness is declining. This year's data paints a particularly grim picture: In 46% of environments, at least one password hash was successfully cracked, and data exfiltration attempts were only stopped 3% of the time, down from 9% in 2024. Combined, these trends show how quickly a single compromised credential can open the door to lateral movement and large-scale data theft. With infostealer malware tripling in prevalence and attackers increasingly bypassing defenses using valid logins, organizations face escalating risk from persistent and nearly invisible threats.


Mid East Info
5 days ago
Attackers Abusing Proofpoint and Intermedia Link Wrapping to Deliver Phishing Payloads: Cloudflare
DUBAI, UAE, August, 2025: From June 2025 through July 2025, the Cloudflare Email Security team has been tracking a cluster of cybercriminal threat activity leveraging Proofpoint and Intermedia link wrapping to mask phishing payloads, exploiting human trust and detection delays to bypass defenses.

Link wrapping is designed by vendors like Proofpoint to protect users by routing all clicked URLs through a scanning service, allowing them to block known malicious destinations at the moment of click. For example, an email link to might become While this is effective against known threats, attacks can still succeed if the wrapped link hasn't been flagged by the scanner at click time.

Recent campaigns observed by the Cloudflare Email Security team reveal how attackers are abusing Proofpoint's and Intermedia's link wrapping features to bypass detection and redirect victims to a variety of Microsoft Office 365 phishing pages. This technique is particularly dangerous as victims are much more likely to click on a 'trusted' Proofpoint or Intermedia URL than an unwrapped phishing link.

Impact: By cloaking malicious destinations with legitimate urldefense[.]proofpoint[.]com and url[.]emailprotection URLs, these phishing campaigns' abuse of trusted link wrapping services significantly increases the likelihood of a successful attack. Attackers exploit the inherent trust users place in these security tools, which can lead to higher click-through rates and a greater probability of impacts such as:

- Direct financial loss: By making fraudulent links appear legitimate, attackers lower user suspicion at the critical moment of click-time, making direct financial loss more likely. In 2024, email was the method of contact for 25% of fraud reports. Of these, 11% resulted in financial loss, amounting to an aggregate loss of $502 million and a median loss of $600 per incident.
- Compromise of personal accounts leading to identity theft: Link wrapping could serve as a highly reliable method for harvesting personal data. Phishing campaigns are a primary method for attackers to obtain personal information, contributing to 1.1 million identity theft reports in 2024, with credit card fraud and government benefits fraud being top categories.
- Significant time burden for victims: Victims of identity theft, often initiated through phishing, face substantial time burdens, with tax-related cases averaging over 22 months (676 days) for resolution in Fiscal Year 2024.
- Phishing as leading breach method: Comcast research shows 67% of all breaches start with someone clicking on a seemingly safe link.
- Credential theft via phishing: The 300% spike in credential theft incidents observed by Picus Security in 2024 can be fueled by more effective phishing techniques like link wrapping.

Mitigation and detection: Because this campaign abuses the trusted domains of security providers, conventional reputation-based URL filtering is ineffective. The following detections were written by Cloudflare Email Security to protect against phishing campaigns leveraging the link wrapping techniques described. They leverage a variety of signals based on historical campaign data, and incorporate machine learning models trained on messages containing link wrapping URLs.

'Threat actors are constantly evolving their tactics to exploit even the most trusted layers of email security. What we're seeing with the abuse of link wrapping is a stark reminder that attackers are not just targeting users — they're manipulating the very systems meant to protect them. At Cloudflare, our mission is to stay ahead of these threats with proactive, AI-powered detection and comprehensive visibility across the email attack surface. We're committed to helping organizations in the Middle East and globally close these blind spots and build a more secure digital environment,' concludes Bashar Bashaireh, AVP Middle East, Türkiye & North Africa at Cloudflare.


Techday NZ
22-05-2025
Picus launches tool for real-time validation of exploitable risks
Picus Security has introduced a new capability designed to help security teams determine which vulnerabilities in their environments are actually exploitable. The new feature, called Picus Exposure Validation, uses real-time attack simulations to provide evidence-based assessments of vulnerability risks within a specific organisation's environment.

This approach aims to address the challenge of large numbers of vulnerabilities that are often identified but not all requiring immediate attention or remediation. With more than 40,000 new Common Vulnerabilities and Exposures (CVEs) disclosed in 2024 - with 61% ranked as high or critical - security teams often struggle to respond effectively, as traditional vulnerability management methods can lead to inefficient allocation of resources. Picus Security says the new capability assists security teams in distinguishing between vulnerabilities that can actually be exploited in their unique systems and those that can be safely deprioritised.

Traditional vulnerability management is typically driven by severity metrics such as Common Vulnerability Scoring System (CVSS) and Exploit Prediction Scoring System (EPSS), which provide generalised risk indicators but may not account for an individual organisation's existing security controls and asset criticality. Picus Exposure Validation aims to fill this gap with the Picus Exposure Score, an evidence-based, context-aware metric intended to reflect actual risk, according to the company.

The system continuously tests security controls using real-world attack techniques to determine whether known vulnerabilities can be exploited given the organisation's current defences. The findings are automatically updated and presented in transparent reports, enabling quicker and more confident decision-making in response to new security threats.

Volkan Ertürk, Co-Founder and Chief Technology Officer at Picus Security, commented: "The challenge today isn't finding vulnerabilities, it's knowing which ones matter in your unique environment. CVSS, EPSS and KEV offer theoretical risk signals. Picus Exposure Validation delivers proof by testing threats against your production defenses in real time. It replaces assumptions with evidence so security teams can focus on vulnerabilities that are actually exploitable."

Key features highlighted by the company include the ability for security teams to more accurately prioritise remediation work, safely deprioritise less urgent vulnerabilities, and reduce manual workloads through the use of automated validation processes. The solution is said to include tailored recommendations to quickly improve the effectiveness of security controls, offering an alternative when immediate patching is not feasible.

A global industrial firm reported that, upon deploying Picus Exposure Validation, it was able to reduce its list of critical patches by 85%. Based solely on CVSS ratings, 63% of the vulnerabilities in the organisation's systems were initially classified as critical. However, after applying Picus Exposure Validation, it was found that only 9% of those were truly high risk and required prioritisation. This reduction reportedly saved the organisation thousands of hours on patching activity and allowed the security team to focus resources more efficiently.

The company positions Picus Exposure Validation as a new methodology for combining data about vulnerabilities with automated attack simulation to create an organisation-specific analysis of exploitability. This approach, according to Picus, offers security teams a more focused view on where to deploy efforts for mitigation and remediation and thereby enables more effective closing of security gaps.

The Picus Exposure Validation feature is now available to organisations seeking enhanced vulnerability validation for their own environments.


Bahrain News Gazette
01-04-2025
Picus Security Announces Recognition in Gartner® Market Guide for Adversarial Exposure Validation
Picus Security strives to empower offensive and defensive security teams working to validate threat exposures against attack scenarios and techniques.

SAN FRANCISCO, March 31, 2025 (GLOBE NEWSWIRE) — Picus Security, the leading security validation company, today announced that it has been named a Representative Vendor in the Gartner® Market Guide for Adversarial Exposure Validation (AEV). The AEV category includes technology that validates vulnerabilities and identifies techniques that allow adversaries to exploit an organization. This research helps security and risk management leaders understand the key use cases of adversarial exposure validation and navigate the AEV solution market.

The AEV market category brings breach and attack simulation (BAS), automated penetration testing and red teaming technologies together, three categories that were previously separate in the Gartner® Hype Cycle for Security Operations. Gartner states that by '2027, 40% of organizations will have adopted formal exposure validation initiatives, most relying on AEV technologies and managed service providers for maturity and consistency.'

The Picus Security Validation Platform enables organizations to simulate real-world attack scenarios, providing continuous, automated validation of exploitable exposures while assessing the effectiveness of security controls. By emulating adversarial tactics, techniques and procedures (TTPs), Picus assists security teams in identifying critical vulnerabilities, prioritizing remediation efforts and enhancing overall security posture without increasing the skill level required by security defense teams.

'The flood of analyst inquiries proves that organizations want to validate threat exposures through real-world attack scenarios to justify security investments and prioritize vulnerabilities,' said Picus Security co-founder and CTO Volkan Ertürk. 'Organizations have too many vulnerabilities that are disconnected from their security controls and context. The Picus platform uniquely provides evidence-based exposure prioritization and validation, derisking critical vulnerabilities that are not truly exploitable, so security teams can focus on what matters the most.'

After a comprehensive review of the Gartner Market Guide for Adversarial Exposure Validation, Picus Security found:

- AEV solutions help organizations strengthen defenses, prioritize vulnerabilities and improve readiness for real-world attacks.
- The AEV market is rapidly evolving, with vendors offering both specialized and comprehensive capabilities to address diverse security validation needs.
- AEV technology reduces complexity and lowers the skills barrier required for offensive testing.
- Integration and automation capabilities within AEV solutions streamline security operations, enhance collaboration among teams and improve the precision and effectiveness of security testing.

To learn more, download the Gartner® Market Guide for Adversarial Exposure Validation or read our recent blog on how AEV is a force multiplier.

About Gartner®

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Picus Security

Picus Security, the leading security validation company, gives organizations a clear picture of their cyber risk based on business context. Picus transforms security practices by correlating, prioritizing and validating exposures across siloed findings so teams can focus on critical gaps and high-impact fixes. With Picus, security teams can quickly take action with one-click mitigations to stop more threats with less effort. Offering Adversarial Exposure Validation with Breach and Attack Simulation and Automated Penetration Testing working together for greater outcomes, Picus delivers award-winning, threat-centric technology that allows teams to pinpoint fixes worth pursuing.

Follow Picus Security on X and LinkedIn.

Contact
Jennifer Tanner
Look Left Marketing

GlobeNewswire Distribution ID 9414071