During some standard research as part of the Outpost24 Vulnerability Research Department, I discovered 5 vulnerabilities in Zyxel NAS devices: The vulnerabilities were disclosed to Zyxel on 2024-03-14 as part of our responsible disclosure policy, and have been resolved at the time of publishing this post (2024.06.04).

SAP recently announced the end-of-life for SAP Identity Manager (IDM). This announcement required SAP to establish guidelines for existing customers to transition away from the platform with other products. One Identity is a leading vendor of choice for this migration due to its well-established market presence and robust SAP solutions support. In this two-part blog series, we will shed some light on how One Identity can seamlessly integrate with SAP products, starting with its certified ABAP connector.

The financial industry experienced the second-highest data breach cost in 2023, according to IBM. This includes breaches that affected credit unions as well as other financial institutions. But, despite costs, what else is at stake if a credit union is breached? If a credit union is breached, customer Personally Identifiable Information (PII) is at risk of being exposed and used for malicious purposes such as identity theft and fraud.

IONIX’s Cloud Cross-View (CCV) uses cloud integrations to broaden the scope of attack surface mapping and coverage beyond traditional methods of monitoring. CCV extends asset analysis to consider aspects that are specific to cloud environments. This complements CSPM and CNAPP solutions by enriching them with broader attack surface data obtained through IONIX’s EASM capabilities.

Penetration testing is a cornerstone of any mature security program and is a mature and well understood practice supported by robust methodologies, tools, and frameworks. The tactical goals of these engagements typically revolve around identification and exploitation of vulnerabilities in technology, processes, and people to gain initial, elevated, and administrative access to the target environment.

The concept of least privilege access has emerged as a paramount principle, serving as a cornerstone for robust identity governance and access management strategies. By adhering to this tenet, organizations can effectively mitigate the risks associated with account compromises, insider threats, and unauthorized access to sensitive resources.

Did you know that in 2023, over 133 million healthcare records were breached? Healthcare has remained the most popular target for hackers and cybercriminals to attack. Why? These industries contain a huge amount of sensitive information, including: With such a vast amount of data at stake, tools for doctors should focus on privacy and security and help keep healthcare information safe from data breaches.

PowerShell is a powerful tool that is used for automating monotonous and time-consuming tasks. However, using these without code signing can leave you vulnerable to cyber-attacks. This blog will explain the PowerShell code signing best practices for signing your script. Let’s begin!

We are thrilled to announce the strategic partnership between Snyk and Snowflake, two industry leaders coming together to revolutionize data security and empower organizations worldwide. This partnership brings unparalleled benefits to our customers by combining the advanced capabilities of Snyk’s security data with the robust infrastructure of Snowflake's data platform, therefore equipping Snyk customers with powerful insights into their security posture.

The prevalence of cyber crime continues to soar, victimizing individuals in both their work and private lives. Cybercriminals are indiscriminate, targeting around the clock and across the globe. With digital security advancing, these criminals shift their focus to exploiting human weakness amidst increasingly secure technological environments.