By the end of 2020, Microsoft 365 was used by more than one million companies worldwide. And for good reason. With the move to remote work, applications like Word and Excel, Teams, OneDrive and SharePoint, provided businesses with a familiar, easy to access, and easy to use productivity suite – all available in the cloud.
Traditionally, when selecting a bot management solution, businesses have chosen a multi-purpose security bundle bolted on to a content delivery network (CDN), typically a product such as an Akamai or CloudFlare CDN. While bolt-on bot solutions have their benefits, they lack the comprehensive feature set needed to combat the ever-growing bot threat.
With software supply chain attacks on the rise, are you wondering how you can recover quickly from the recent SolarWinds breach at your company? Months after its discovery, the devastating SolarWinds hack remains a top concern for business, government and IT leaders. This destructive supply chain attack put the spotlight on software development security — a critical issue for the DevOps community.
Companies of all sizes need clear and cohesive security visibility over every aspect of their organization. As data and assets are trending to mobile, it’s critical to be equipped with the right tools to gain insights on mobile devices and users on the endpoints and mitigate threats whenever needed.
Over time technologies evolved and now things that seemed to be not possible several years ago become the reality. Now you can order food, services, and basically anything you need online, and pay for it without leaving home. No surprise here, that cash payments are becoming a relic of the past. Along with wireless payments like Google or Apple pay (that still require assigning a banking account or card i.e. physical currency), the cryptocurrencies like Bitcoin are getting widely used.
Detecting malicious processes is already complicated in cloud-native environments, as without the proper tools they are black boxes. It becomes even more complicated if those malicious processes are hidden. A malware using open source tools to evade detection has been reported. The open source project used by the malware is libprocesshider, a tool created by Sysdig’s former chief architect Gianluca.
The Oldsmar, Florida, water breach is two months behind us, but the lessons learned will continue to reverberate for thousands of budget-constrained municipal utilities in North America, as well as other regions across the world.
‘More_eggs’ is a backdoor sold as a “malware-as-a-service” (MaaS) by a threat group known as “Golden Chickens” and predominantly used by three criminal groups: FIN6, Cobalt Group, and Evilnum. In the latest campaign, unearthed by researchers from eSentire and targeting a professional working in the healthcare technology industry, a threat actor is exploiting fake job offers on LinkedIn to deploy the ‘More_eggs’ backdoor on the victim’s machine.
Security Assertion Markup Language (SAML) 2.0 is one of the most widely used open standard for authentication and authorizing between multiple parties. It’s one of the protocol that give users the single sign-on (SSO) experience for applications. The other adopted open standard is OAuth and OpenID. Of the two, SAML 2.0, released in 2005, remains the 800 pound gorilla in Enterprise SSO space. This post provides a detailed introduction on how SAML works.
Year after year, cyberattackers cause unnecessary stress for organizations, disrupting innovation and impacting profit. 2020 was no different – last year brought a bevy of damaging breaches that cost organizations precious money and time they couldn’t get back. Ranging from thousands to billions of records exposed, breaches big and small gave threat actors access to sensitive information like email addresses, locations, passwords, dates of birth, and more.
