MIxmode Blog

The latest stories on Cybersecurity, AI, and everything in between from MixMode

Why Zero-Day Attacks Bypass Traditional Firewall Security: Defending Against Zero-Day’s like Palo Alto Networks CVE-2024-0012

By MixMode Threat Research | December 5, 2024

Recently, Palo Alto Networks identified and patched a critical zero-day vulnerability in their next-generation firewalls (NGFWs). This vulnerability, tracked as CVE-2024-0012, allowed attackers to execute code on vulnerable devices remotely. This vulnerability has been actively exploited in attacks dubbed “Operation Lunar Peek.”

Read More

Alarming Intrusion: Chinese Government Hackers Target US Internet Providers

By MixMode Threat Research | August 29, 2024

A recent Washington Post report sent shockwaves through the cybersecurity landscape, revealing that Chinese government-backed hackers have infiltrated at least two major US internet service providers (ISPs) and several smaller ones.

Read More

Critical Microsoft Zero-Day Vulnerability Exploited in the Wild for Over a Year

By MixMode Threat Research | July 25, 2024

A severe zero-day vulnerability in Microsoft Windows, tracked as CVE-2024-38112, has been actively exploited by threat actors for at least 18 months. This security flaw in the Windows MSHTML Platform allows remote code execution, potentially compromising numerous organizations worldwide.

Read More

Nation-States and Zero-days Cranking Up the Heat

By Joe Ariganello | July 18, 2024

Summertime isn’t just for vacations and barbecues—it’s also prime season for zero-day attacks. These attacks, launched by malicious actors exploiting previously unknown vulnerabilities in software, are a significant concern for national security and cybersecurity professionals.

Read More

Zero-Day Nightmare: Palo Alto, Cisco, and MITRE Under Attack

By Joe Ariganello | May 1, 2024

Zero-day threats continue to wreak havoc on organizations worldwide, with recent attacks targeting corporate and government networks. In the last few weeks, government-sponsored threat actors have targeted Palo Alto Networks and Cisco ASA (Adaptive Security Appliance).

Read More

Zero-Day Attacks on the Rise: Google Reports 50% Increase in 2023

By Joe Ariganello | April 9, 2024

There’s bad news and not-so-bad news in the world of cybersecurity. In a recent report, Google revealed a significant rise in zero-day attacks, those exploiting previously unknown software vulnerabilities. However, despite the increase, there’s a silver lining.

Read More

The Current State of SOC Operations Shows The Escalating Need for AI in Cybersecurity

By Joe Ariganello | February 15, 2024

As cyber threats grow more sophisticated, organizations are starting to turn to artificial intelligence (AI) to reinforce their security operations. But how widespread is the adoption of AI, and how effectively is it being leveraged?

Read More

Driving Towards Zero-Days: Hackers Take Turns Uncovering Exploits at Pwn20wn

By Joe Ariganello | January 30, 2024

Hackathon events like Pwn2Own Automotive 2024 play a crucial role in shedding light on zero-day attacks and significantly benefit security teams in several ways. These events bring together talented security researchers, ethical hackers, and industry professionals to uncover and demonstrate vulnerabilities in automotive technologies, including zero-day exploits.

Read More

Zero Day Summer is No Vacation

By Joe Ariganello | August 24, 2023

“Zero-day Summer” refers to the period during summertime when cybercriminals take advantage of the vulnerabilities in software, applications, and computer systems that remain undetected and unpatched by security teams.

Read More

Detecting the MOVEit Zero-Day: How MixMode AI Stays Ahead of Threats

By Josh Snow | July 27, 2023

We discuss a real-life example of a zero-day exploit, focusing on the MOVEit Transfer Software, and how MixMode can detect and mitigate such threats before they become widespread.

Read More

About MixMode

MixMode is the first to bring a third-wave, context-aware AI approach that automatically learns and adapts to dynamically changing environments. MixMode’s monitoring platform, PacketSled, better understands network behavior as it adapts to baseline changes and enables both misuse detection and anomaly detection, as well as predictive maintenance. Used by enterprises and MSSPs for real-time network analysis, threat hunting and incident response, the platform leverages continuous stream monitoring and retrospection to provide network forensics and security analytics. Security teams can integrate PacketSled into their orchestration engine, SIEM, or use PacketSled independently to dramatically reduce false positive alerts and the resources required to respond to persistent threats, malware, insider attacks and nation state espionage efforts.

The company has been named an innovator in leading publications and by security analysts, including SC Magazine, earning a finalist award in 2018 and 2019 for "Best Computer Forensic Solution.” Based in Santa Barbara, with offices in San Diego, the company is backed by Keshif Ventures and Blu Venture Investors. For case studies, continuous product updates and industry news, please visit us at www.mixmode.ai.