Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

AppSentinels: Ensuring Adherence to SEBI's CSCRF API Security Standards

Since 2015, the Securities and Exchange Board of India (SEBI) has introduced several cybersecurity and cyber resilience frameworks to address evolving cybersecurity risks and strengthen the resilience of regulated entities (REs). Additionally, SEBI has issued multiple advisories on best practices to guide REs in enhancing their cybersecurity posture.

Challenging the Access Management Status Quo

Once upon a time, workers sat in offices, only used corporate desktops and crossed a single authentication checkpoint to access company resources kept snugly behind a protective barrier. The world has changed dramatically since then. Cloud and hybrid environments are vast and complex. Work happens anywhere and everywhere. Company employees, contractors, partners and other users interact daily with multiple endpoints—personal and company-owned—alongside SaaS applications and sensitive data.

What is Session Hijacking and 8 Ways to Prevent It

What if there were a way to negate the effectiveness of multi-factor authentication (or even bypass secure login protocols) without ever cracking a password? Session hijacking offers attackers a tempting shortcut to user accounts, bypassing the usual security barriers. In 2022 alone, researchers scouring the shadier corners of the internet (like the dark web) found 22 billion device and session cookie records – each of which could help to enable session hijacking.

Exploited! NuPoint Unified Messaging (NPM) Component of Mitel MiCollab

The NuPoint Unified Messaging (NPM) module in Mitel MiCollab versions up to 9.8 SP1 FP2 (9.8.1.201) is vulnerable to a path traversal attack caused by insufficient input validation. This vulnerability could be exploited by an unauthenticated attacker to gain unauthorized access to sensitive files, potentially allowing them to read, alter, or delete user data and critical system settings. The Mitel MiCollab Arbitrary File Read Vulnerability combines CVE-2024-41713 with another yet-to-be-assigned issue.

User Activity Monitoring: Unlocking Productivity for Remote and On-site Workforces

Whether managing a distributed workforce, balancing a range of devices and systems, or navigating the complexities of hybrid work, challenges are everywhere: fragmented workflows, operational inefficiencies, and concerns about insider risks. Solving these issues can feel like an uphill battle without clear visibility into digital workforce behavior.

Getting Started with Protegrity's API Playground

For organizations handling sensitive data, finding a secure and efficient way to test data protection solutions is crucial. The Protegrity API Playground offers a straightforward way to test Protegrity’s data protection features. The Playground grants you 10,000 API requests after registration to use as you see fit: protecting names, addresses, credit card numbers – or any other data your organization considers secure.