Please turn on your JavaScript for this page to function normally.
cloud
Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts

Storm-0501, an affiliate of several high-profile ransomware-as-a-service outfits, has been spotted compromising targets’ cloud environments and on-premises systems. …

Foundation Software
Hackers breaching construction firms via specialized accounting software

Firms in the construction industry are getting breached by hackers via internet-exposed servers running Foundation accounting software, Huntress researchers are warning. …

keys
Gateways to havoc: Overprivileged dormant service accounts

Service accounts are non-human identities used to automate machine-to-machine interactions. They support critical functions – such as running scripts, services, and …

Dropbox
Dropbox says attackers accessed customer and MFA info, API keys

File hosting service Dropbox has confirmed that attackers have breached the Dropbox Sign production environment and accessed customer personal and authentication information. …

Delinea Secret Server
A critical vulnerability in Delinea Secret Server allows auth bypass, admin access

Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass …

data
Preventing insider access from leaking to malicious actors

In this Help Net Security video, John Morello, CTO of Gutsy, discusses the often-overlooked aspect of cybersecurity – the offboarding process. He outlines the real-world …

security awareness
Finding the right approach to security awareness

As artificial intelligence amplifies the sophistication and reach of phishing, vishing, and smishing attacks, understanding and managing human cyber risks has become …

stop
Microsoft Defender can automatically contain compromised user accounts

The “contain user” feature select Microsoft Defender for Endpoint customers have been trying out since November 2022 is now available to a wider pool of …

AWS keys
Amazon: AWS root accounts must have MFA enabled

Amazon wants to make it more difficult for attackers to compromise Amazon Web Services (AWS) root accounts, by requiring those account holders to enable multi-factor …

programmer
Goodbyes are difficult, IT offboarding processes make them harder

When employees, contractors and service providers leave an organization, they take with them knowledge, capabilities, and professional achievements. They should leave behind …

PAM solution
Benefits of modern PAM: Efficiency, security, compliance

Many legacy Privileged Access Management (PAM) solutions are still very manual regarding what they do and how they manage user access and permissions. They are geared toward …

encryption
How to prevent permission bloat: Overlooked and hidden access

When it comes to your organizational security, you should leave no stone unturned. Overlooked access rights are one of the most unnoticed security threats your organization …

Don't miss

Cybersecurity news