Weak authentication practices in popular SaaS apps
Research reveals how poor authentication requirements can be even in popular SaaS applications such as Shopify, Zendesk, Trello and others.
top of page
Jul 25, 2022
Atlassian patches batch of critical vulnerabilities across multiple products
Atlassian has fixed some important vulnerabilities in its collaboration tools, one of them a hardcoded privileged user and password(!)
Jul 25, 2022
Secure cloud access with Zero Trust Network Access (ZTNA)
Securing diverse cloud environments is hard, but the ZTNA approach can help, as reported by Ponemon Institute research.
Jul 24, 2022
Cumulative losses due to online payment fraud set to increase
According to research, growth in e-commerce will fuel a boom in online payment fraud in the next 5 years.
Jul 24, 2022
Minimizing the RDP attack vector with Microsoft Account Lockout Policy
A long overdue change in Microsoft Windows: account lockout policy turned on by default.
Jul 22, 2022
Log4j vulnerability: the view from US Cyber Safety Review Board
Back in 2021, a catastrophic flaw in the Log4J library forced many to patch their critical systems. Now, the US government is weighing in.
Jul 22, 2022
Phishing attacks now target MFA enabled MS365 accounts
Innovations in phishing kits now enable bypass of MFA authentication, as shown in Microsoft's assessment of a successful campaign.
Jul 21, 2022
Healthcare organizations targeted by Maui ransomware
Ransomware providers and legitimate companies cover different market niches. In the case of the Maui ransomware, it's about healthcare.
Jul 21, 2022
Businesses lack visibility into their endpoints
As cyberattacks increase, organizations are under pressure to implement effective endpoint management solutions and tackle agent sprawl.
bottom of page