By design, Salesforce is an environment where customer PII and other sensitive information must be shared and stored. However, compliance regulations like PCI DSS, HIPAA, GDPR, CCPA, and others limit this storage and usage of customer data to only what’s justifiably required for an organization to carry out its duties. Even then, there are requirements for how this data should be stored – like whether it should be encrypted, for example.

Password reuse is a common practice amongst teams that can lead to a cybercriminal getting a hold of your online credentials. Despite knowing that it can leave your accounts compromised, a majority of people are still guilty of reusing their passwords. Results from an online security survey by Google and Harrison Poll found that: As cybercriminals use more sophisticated attacks, organizations must emphasize the importance of good cyber hygiene practices to prevent data breaches.

We are pleased to announce the launch of NC Encrypt to provide independent encryption key management and Bring Your Own Key (BYOK) support for Microsoft 365 applications and SharePoint Server environments. The sheer number of communication and collaboration channels the M365 platform has introduced, increases the vulnerability of sensitive data and potential for accidental data loss or overexposure, making protection mechanisms such as encryption critical.

With the massive increase in mobile device sales worldwide, it is easy to imagine that the number of people using the internet while travelling has also increased significantly in recent years. With this growth in online activity comes a greater risk of becoming a victim of cybercrime. There are a number of steps that travellers can take to protect themselves from becoming targets of cybercrime. Here are 10 tips for staying cyber safe while travelling.

The technology industry has unlocked innovation across all sectors as an enabler of digital transformation. Most organizations are now outsourcing critical operations to tech companies, such as cloud providers. Tech vendors are now left to manage an ever-growing volume of sensitive data, which they must secure effectively to prevent large-scale data breaches. IBM and Ponemon Institute’s 2022 Cost of a Data Breach Report found a record high average breach cost of US$4.35 million.

Remote Desktop Protocol (RDP) is a protocol developed by Microsoft which at its core is designed to give users a graphical interface to a remote Windows computer over a network connection. The remote Windows machine runs an RDP server, while the local computer accessing it runs an RDP client. Windows comes bundled with Microsoft's Remote Desktop Connection to easily access Windows hosts over RDP.

Before the rise of cloud computing and small autonomous services built with containers, a typical application would consist of a monolith of code with a frontend, a backend and a database. Developers would take extra caution when updating their code because any change or bug could affect the entire application. As an alternative, microservices broke down applications into small interconnected services — each responsible for their discrete function, collaborating using APIs.

In the middle of March 2022, Zenity research team discovered a sandbox-escape vulnerability in Code by Zapier, a service used by Zapier to execute custom code as part of a Zap. Exploiting this vulnerability, any user could take full control over the execution environment of their entire account allowing them to manipulate results and steal sensitive data. For example, a Zapier user could take control over the admin’s custom code execution environment.

On 28th of August fortbridge.co.uk reported a vulnerability in csurf middleware – expressjs supporting library that enables CSRF protection in expressjs. As of 13th of September csurf library has been deprecated with no plans to fix the vulnerabilities. There is no viable alternative for csurf middleware now.

In today’s hybrid, multi-cloud environments, users and administrators connect to various cloud services using Command Line Interface (CLI) tools and web browsers. This post highlights the risks associated with unprotected and unmonitored cloud credentials which are found on endpoints, in file shares and in browser cookies. Get actionable and direct guidance around: In order to alert on and hunt for this malicious activity. Business workloads are increasingly undergoing a migration to the cloud.