Jacques Louw

If you're interested in defending against Cyberhaven-style attacks against browser extension vendors, I wrote a guide around hardening browser extension deployments you might find interesting: pushsecurity.com/blog/guide-to-…

1/ A new class of phishing - how verification phishing and cross-idp impersonation can bypass your SSO. Here is a video demo, but this is one where you really need to read the full article too - pushsecurity.com/blog/a-new-cla… I'll summarize the key points in this thread.

It's so cool to see the active development of evasion techniques in phishing kits - tells you a lot about the counter-evasion techniques they're running into!

I wrote a blog post on the many defense mechanisms phishing kits are using to avoid discovery and analysis now. I used a recent instance of NakedPages and cover 9 different techniques, including Cloudflare Workers and Turnstile abuse. IOCs included. pushsecurity.com/blog/how-aitm-…

@jukelennings Having seen the details I think these malware devs need to invest in a good PM and some integration testing 😅 Can't wait for the full write up!

1/ It’s fascinating how many layers of protection even poorly written AiTM phishing kits put in place to frustrate discovery now. I’m talking about the type of kit where the authors forgot to implement the JS encryption function placeholder they wrote so it returns clear text😂

Now you can detect and block identity attacks directly inside any web browser. 1. Stop corp password reuse and phishing 2. Detect EvilGinx/EvilNoVNC 3. Session Hijacking detection ... and more. Hear the full announcement on @riskybusiness risky.biz/snakeoilers19p…

Awesome post from @_xpn_ trustedsec.com/blog/okta-for-… - thanks for sharing MalIDP, essential modern offensive tooling!

Really nice in-depth technical explanation of these new techniques.

@KyleHanslovan @PushSecurity @DataBreachToday Thanks a mil @KyleHanslovan - but glory for this goes to @jukelennings who did the actual work (rather than blog about it!)

@PushSecurity @DataBreachToday Big thanks @PushSecurity team for the polite shoutout! Just highlighted Jacques' great work with the SaaS ATT&CK framework on a webinar this week!

Fantastic interview with @KyleHanslovan in @DataBreachToday: "When you think identity, you probably think of credentials...But most people forget, that could be a mailbox. Why use phishing if you get the identity?" #security #identitysecurity buff.ly/44uWL7T

Great interview with our CEO and co-founder @ajaybateman and @dspark on @CISOseries about "Securing identity in the age of self-service" "It's about creating a paved path for employees to walk..." Link in 🧵!

1/ I kinda accidentally owned myself with my own shadow workflow attack. I definitely think they are going to become a standard technique. I mean they are pretty much the offensive powershell of the SaaS world! So how did this happen?

👋 New feature alert! Classify SaaS apps in the Push platform based on the sensitivity of the data they contain or the permissions they've been granted. Use the Approval status to capture your decision about an app -- is it in or out? Link in 🧵 #SaaSsecurity #security

I’ve just released some research into 38 SaaS-native attack techniques across the kill chain and produced a SaaS attack matrix to go along with it. github.com/pushsecurity/s… This is just the beginning but my hope is this will become an ongoing community project.

📣 NEW FEATURE ALERT - Uncover shared SaaS accounts Tldr - Push can now show you which app accounts are being used by multiple employees and who's using them. #shadowit #security #infosec #rogueit #RiskManagement Give it a try for free: buff.ly/40jLC7Z

Big news today - we're announcing our $15M Series A funding round, led by @GVteam. @karimfaris @jonoberheide join our board, @dugsong @richwaldron @frfrdufour join as investors, + @DecibelVC buff.ly/3ZGG9aS #VC

@dannguyenhuu @PushSecurity @jonsakoda @ajaybateman @metall0id @jonoberheide Had a great time touring the bay area and talking product, thanks for the personal touch @jonsakoda @dannguyenhuu and @staceywueste - hope we get to meet up in person again soon!

Awesome hosting @jacques_sec of @PushSecurity yesterday alongside @jonsakoda here in the Bay Area. Finally in person! Missed you @ajaybateman @metall0id @jonoberheide

Some amazing praise from Jason Waits, CISO at Inductive Automation on why we won their POC. His comments on our user-centric approach made our day! 🙌

Managed browser extension deployments are here! You can now be up and running with Push, with all of your employees onboarded, in minutes. buff.ly/3TjcKBR #SaaSsecurity #cloudsecurity

Stop blocking. Instead, equip employees to secure their SaaS. There's a better approach to securing SaaS than simply blocking and restricting unsanctioned apps buff.ly/3wCuzlT #SaaSsecurity #CASB #infosec

Here's a quick guide to finding the right SaaS security solution for your company. It's basically a choose-your-own-adventure for finding a good fit for your specific use case, infrastructure, and data. buff.ly/3cHHjAk #SaaSSecurity #CloudSecurity