After a series of high-profile cryptocurrency heists, a state-sponsored North Korean malicious hacking group is poised to cash out millions of dollars. That's the opinion of the FBI, which this week has warned cryptocurrency companies about recent blockchain activity it has observed connected to the theft of hundreds of millions of cryptocurrency in recent months.

AWS stands for Amazon Web Services. AWS penetration testing is the process of testing a cloud infrastructure for potential vulnerabilities. It involves identifying, exploiting and reporting security flaws that could put the system at risk. This type of test helps organisations identify and mitigate any risks to their data and applications hosted on the AWS platform and provide maximum protection for their business operations.

CREST, or the Council of Registered Ethical Security Testers, is an independent accreditation and certification body for the information security industry. It ensures that penetration testers have a minimum standard of qualifications and experience. By using CREST-approved testers, organisations can be certain that their chosen tester is properly qualified to carry out the work.

Research shows many companies now own and operate more than 60 disparate security tools, yet breaches continue to make headlines. Throwing more tools at the problem is a tactic that simply doesn’t work and— with trends pointing toward tighter security budgets—may not even be possible anymore. Security leaders are now in a position that requires them to ask tough questions and carefully scrutinize new security tools before pulling the trigger on purchases.

We’re incredibly excited to introduce labs, a new space in the 1Password apps that lets customers test new experimental features to help influence the future of 1Password.

For security teams managing their enterprises’ privileged access management (PAM) programs, times have changed and what’s considered a privileged or high-risk account has drastically shifted. In turn, the way organizations not only manage privilege, but comprehensively secure it, must also shift. Historically, organizations have managed their PAM programs by vaulting and rotating credentials on privileged accounts.

CISA added CVE-2023-24489 to the Known Exploited Vulnerabilities Catalog in August 2023. CVE-2023-24489 is an access control vulnerability impacting the use of Citrix ShareFile StorageZones Controller version 5.11.24 and below. Citrix ShareFile is a real-time collaboration platform. While ShareFile primarily offers a cloud-based file-sharing application, there are some features that accommodate data storage through the use of a storage zone controller.

M&T Bank was established in 1856 and is one of the largest banks in the US. It is based in Buffalo, New York, and currently has over 1,000 branches in 12 separate states. The bank houses data for hundreds of thousands of individuals, and some of that information may be at risk because of a recent breach. Learn all about the 2023 M&T Bank data breach below.

At Tines we drink our own champagne. The tines@tines blog series is a testament to the unique ways we’ve leveraged Tines to accelerate our own processes. As the title implies, this post is about how we built a self-service free trial process using Tines.

Cal.com provides an innovative scheduling and time management platform for individuals and enterprises to streamline their calendar and appointment processes. Their mission is to connect one billion people through the use of their platform by 2031. To achieve this, BoxyHQ’s enterprise-ready SSO would provide the reliable authentication they needed to maintain their customer's security and trust.