Tamnoon today announced the launch of Managed CDR (Cloud Detection and Response), a managed service designed to validate, contextualize, and respond to cloud security alerts. Built on AWS and launching with Wiz Defend, Amazon GuardDuty, Crowdstrike Falcon, and Orca Security, with more coming soon, the cloud security agnostic service is already integrating with existing CNAPP offerings runtime detection functionality.
As part of the launch, the company also introduced Tami, a context-aware, scalable, and efficient AI-powered agent capability for Managed CDR. Tami works alongside Tamnoon’s human expert-led remediation team (CloudPros) to assess production impact, determine the optimal remediation path, and accelerate resolution at scale, significantly faster than human-only efforts. Already integrated into Tamnoon’s Managed CNAPP, Tami consolidates and enhances multiple alerts into structured initiatives, enabling precise prioritization and action. By combining machine learning and AI with expert services, Tamnoon ensures findings are reviewed, refined, and resolved efficiently, without compromising stability or speed.
According to Tamnoon’s 2025 State of Cloud Remediation Report, over 35% of all alerts are classified as critical or high, with critical alerts taking almost a year to resolve. While some organizations manage to stay on top of these alerts, the majority find themselves drowning in a sea of high-priority noise. CDR alerts are especially resource-intensive because they persist until manually reviewed and require an active resolution decision. What may begin as 5–10 unreviewed alerts can quickly escalate to 100 or more, introducing alert fatigue and operational bottlenecks and hiding active critical threats. Tamnoon’s Tami reviews these alerts for CloudPros, who then validate and triage runtime alerts, closing false positives and escalating verified threats—effectively operating as a managed cloud-native response layer similar to MDR, but purpose-built for modern cloud environments.
Tamnoon’s Managed CNAPP service offers existing native integrations with Wiz, Prisma Cloud, Orca Security, and other leading CNAPPs, enabling deduplication and contextualization of findings across multi-cloud deployments. This cross-platform capability allows Tamnoon to manage alert persistence for deprovisioned resources that would otherwise require manual intervention, while providing specific expertise around cloud-native concerns and delivering the remediation in any format, something that traditional endpoint-focused MDRs cannot properly evaluate.
Tamnoon will be demonstrating the new Managed CDR service at AWS re:Inforce 2025 (booth #521) in Philadelphia, PA on June 16–18, 2025. For more information or to schedule a demo, visit https://tamnoon.io/managed-cdr/.
Beware of Malicious Cookies on Fake Booking.com Websites, Warns HP Wolf Security
Posted in Commentary with tags HP on June 12, 2025 by itnerdHP Inc. today issued its latest Threat Insights Report, showing attackers continuing to take advantage of users’ “click fatigue” – particularly during fast paced, time-sensitive browsing moments, like booking travel deals.
With analysis of real-world cyberattacks, the report helps organizations to keep up with the latest techniques cybercriminals are using to evade detection and breach PCs in the fast-changing cybercrime landscape.
The report details an investigation into suspicious domains – related to an earlier CAPTCHA-themed campaign – which uncovered fake travel booking websites. The spoofed sites feature branding imitating booking.com, but with the content blurred, and a deceptive cookie banner designed to trick users into clicking “Accept” – triggering a download of a malicious JavaScript file.
Opening the file installs XWorm, a remote access trojan (RAT) that gives attackers full control of the device, including access to files, webcams, microphones, and the ability to deploy further malware or disable security tools.
The campaign was first detected in Q1 2025, coinciding with the peak summer holiday booking period – a time when users are particularly vulnerable to travel-themed lures. Yet it remains active, with new domains continuing to be registered and used to deliver the same booking-related lure.
Based on data from millions of endpoints running HP Wolf Security, HP threat researchers also discovered:
By isolating threats that have evaded detection tools on PCs – but still allowing malware to detonate safely inside secure containers – HP Wolf Security has specific insight into the latest techniques used by cybercriminals. To date, HP Wolf Security customers have clicked on over 50 billion email attachments, web pages, and downloaded files with no reported breaches.
Please visit the HP Threat Research Blog to view the report.
Leave a comment »