Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Dark Side of Black Friday: When Ransomware Attacks Join the Shopping Rush

As retailers gear up for the year’s biggest sales, cybercriminals are preparing for their own “Black Friday rush.” They’re not after TVs, they’re after data. Last year, phishing surged more than 600%1 during Black Friday week and ransomware attacks rose nearly 60%2.

Cato CTRL Threat Research: Two Vulnerabilities in Anthropic's MCP SDK Enable OAuth Token Theft and Supply Chain Attacks

The SolarWinds supply chain attack in 2020 reminded the world how a single weakness in trusted software can have global consequences. That incident reshaped how organizations view software integrity and the importance of securing every stage of the development pipeline.

Armis and Cato: Redefining Device Security Through Intelligence and Enforcement

In today’s hyper-connected world, organizations face an unprecedented challenge: securing the explosive growth of connected devices across their networks. From laptops and smartphones to IoT and OT systems, the device ecosystem is expanding at a pace that traditional tracking and protection methods cannot keep up with.

Securing the AI Browser Revolution: How Cato Helps Mitigate Risks in OpenAI Atlas

The launch of OpenAI Atlas, an AI-powered browser that merges ChatGPT’s intelligence with a full web experience, marks a major leap in how people interact with the internet. Instead of typing queries or clicking through pages, users can now ask, act, and automate, delegating browsing tasks to AI agents capable of retrieving data, filling in forms, or performing actions on their behalf. For businesses, Atlas represents both opportunity and risk.

Resilient by Design: Cato's Visibility and Backbone Performance Through the AWS Outage

On October 20, 2025, Amazon Web Services (AWS) experienced an outage affecting its US-East-1 region. The event caused temporary service degradation across a wide range of global applications and digital services, including business collaboration tools, financial platforms, airline operations, and consumer-facing websites used by millions of people worldwide, as reported in the news. We extend our appreciation to our partners at AWS for their swift and professional handling of the incident.

Cato CTRL Threat Research: Preventing Privilege Escalation via Active Directory Certificate Services (ADCS)

Maintaining an Active Directory (AD) enterprise environment is no easy task. Between all the permissions, security compliances, update cycles, emergency patches, appliance configurations and more, covering all the bases could feel overwhelming at times and could lead to errors that may result in major consequences.

Stop the Silent Spread with Unified ZTNA

Attackers exploit fragmented access controls and security blind spots to silently escalate their presence and prepare for data theft. The initial breach is usually only the start – what comes next will have a greater impact. Once an attacker compromises a single endpoint, the focus quickly shifts to expanding reach, moving laterally, elevating privileges, and staging data theft. If access controls are inconsistent or overly permissive, this becomes easy.

Meeting the Retail Industry's Evolving Cybersecurity Needs

Retailers face increasing cybersecurity threats while navigating stringent compliance requirements. With an extensive digital presence across physical stores, e-commerce platforms, and supply chains, retailers are prime targets for cybercriminals seeking to steal financial and personal data. Ransomware attacks, phishing, and point-of-sale (POS) system breaches can lead to substantial financial and reputational damage.

Unmanaged Doesn't Have to Mean Unprotected

Today’s enterprises are more fluid than ever. Employees work from personal devices, contractors join from unmanaged devices, and IT teams are expected to secure it all—without adding complexity or degrading performance. But most secure access tools were never built for this reality. The Cato Browser Extension offers a better way forward. It brings zero-trust access to unmanaged devices, BYOD, or third-party systems without installing endpoint software.

Future-Proof Your Business with SASE and Zero Trust

Today’s enterprises are facing relentless change. Digital transformation, cloud migration, hybrid work, and M&A are moving faster than most IT organizations can keep up with. While the business demands speed and agility, IT and security teams are often constrained by fragmented tools, legacy systems, and skill shortages. As a result, CxOs are caught between two priorities: enabling innovation and ensuring a secure enterprise.