Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Microsoft Power Platform, specifically Power Automate and Copilot Studio, makes it easy for organizations to quickly build automations and AI agents. To keep them secure and compliant, Tenant Isolation is a critical feature designed to prevent unauthorized cross-tenant communication. However, in our latest research, we discovered a high-severity vulnerability that bypasses Tenant Isolation policies using the HTTP Connector - potentially exposing sensitive data and enabling unauthorized actions.

Traditional email authentication mechanisms like SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are great for getting started. They are like the first step to verifying email senders and combatting tampering. However, they don’t solve the entire problem. Attackers may still manipulate the “From” address, evade SPF checks using intermediary servers, or exploit misconfigured DNS (Domain Name System) records.

If you’ve started exploring how to secure AI agents in your environment (or even just reading about it), you likely already know that it’s not as straightforward as applying traditional AppSec practices. AI agents aren’t just another workload or API to monitor, they’re dynamic, semi-autonomous entities operating at the intersection of user intent, agent behavior, and enterprise systems. And not all AI agents are created equal or secure.

Think of your organization’s cybersecurity as a combination of a shield and a sword. The shield represents proactive incident response – your first line of defense that anticipates and prevents potential threats. This could include app security tips or best practices for business cybersecurity, which work to prevent incidents before they occur through continuous monitoring, threat hunting, and vulnerability assessments.

As the world of cyber continues to change, threats aren’t just becoming more sophisticated, they’re becoming harder to detect. Whether it’s a well-planned attack that slips past your defences, or a known vulnerability in your system, the question is: how do you test your security before an attacker does? Two of the most effective approaches that Bulletproof offers are penetration testing and red teaming, and which one you choose depends on what your business is trying to achieve.

API keys and passwords are the keys to digital kingdoms, granting access to an organization’s most valuable systems and data. Traditional data loss prevention (DLP) systems often fall short in their attempts to protect sensitive data and secrets, leaving security teams overwhelmed with false positives and noise. At Nightfall, we understand these challenges and the evolving threat landscape across SaaS and endpoints.

The Department of Health and Human Services (HHS) will be implementing sweeping and crucial updates to the Health Insurance Portability and Accountability Act (HIPAA) Security Rule to enhance the protection of electronic protected health information (ePHI). These changes aim to address modern cybersecurity threats and ensure resilience in healthcare data management. In this blog, we will explore the key updates and their implications for healthcare providers and their business associates.

Being able to find and replace specific text within strings is useful for many tasks, including data processing, automation and file management. For instance, replacing outdated information with current data is important for data standardization. PowerShell offers two primary methods for string replacement: For example, suppose we want to replace the string “Hello” with “Hi.” Here is a script for accomplishing this using the Replace() method.

Security measures aren’t keeping pace with the rate at which new technology is going to market. One of the fastest-growing segments of technology, the Internet of Things (IoT) — which includes webcams, smart thermostats, wearable health trackers, and other smart objects — is capturing the industry’s attention and growing rapidly. By 2030, the number of connected IoT devices is expected to grow to 40 billion.