Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

What is Software-as-a-Service (SaaS) Operations?

In this video, learn the following key points about Software-as-a-Service Operations (SaaS Ops): Resources and social media: Transcript: Organizations rely on SaaS applications more and more to get things done. But with so many specialized apps and different vendors, IT departments can get lost in the cloud. It’s easy to see why -- most organizations use over 100 SaaS apps in their day-to-day tasks. For an IT team, that’s a ton to manage.

Understanding the Impact of the NIS2 Directive on Managed Service Providers (MSPs)

With cybersecurity threats on the rise, regulatory bodies are taking robust measures to secure essential infrastructure. The European Union’s introduction of the NIS2 Directive marks a significant step in this direction, aiming to fortify the defenses of critical sectors across Europe. Managed Service Providers (MSPs) play a pivotal role in safeguarding networks and information systems, and the new NIS2 requirements underscore the heightened responsibilities they face.

A Critical Look at Modern PAM Capabilities

In today’s digital landscape, Privileged Access Management (PAM) has evolved beyond rotating and vaulting privileged credentials for long-lived systems. As organizations expand cloud investment and scale sustainable hybrid work, PAM has also grown into a multi-faceted discipline that must secure all identities across the enterprise.

Attackers Abuse DocuSign API to Send Authentic-Looking Invoices At Scale

In a concerning trend, cybercriminals are leveraging DocuSign's APIs to send fake invoices that appear strikingly authentic. Unlike traditional phishing scams that rely on deceptively crafted emails and malicious links, these incidents use genuine DocuSign accounts and templates to impersonate reputable companies, catching users and security tools off guard.

Leveling up the 1Password Developer experience

The 1Password desktop apps now include the option to show a dedicated developer section, accessible from the sidebar. The next time you open 1Password for Mac, Windows, or Linux, the built-in SSH Agent, 1Password CLI, and Developer Watchtower will be a click away.

CVE-2024-10443: Critical Zero-Click RCE Vulnerability Discovered in Synology NAS Devices

On November 1, 2024, details of a critical vulnerability affecting Synology NAS devices, which had been patched a few days earlier, were publicly disclosed. This vulnerability, tracked as CVE-2024-10443 is classified as a zero-click flaw, meaning no user interaction is required for exploitation. The issue originates from the SynologyPhotos application, which comes pre-installed and enabled by default on Synology’s BeeStation storage devices and is also widely used among DiskStation users.