Twitter will start charging users for SMS-based 2FA option
Twitter has announced that starting with March 20, users who don’t pay the Twitter Blue subscription will no longer be able to use the SMS-based two-factor …
Reddit breached: Internal docs, dashboards, systems accessed
Popular social news website and forum Reddit has been breached (again) and the attacker “gained access to some internal docs, code, as well as some internal dashboards …
Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts
Malicious third-party OAuth apps with an evident “Publisher identity verified” badge have been used by unknown attackers to target organizations in the UK and …
6 oversights that enable data breaches
Personal employee or customer data accounted for nearly 45% of all data stolen between July 2021 and June 2022, while companies’ source code and proprietary information …
Consumers want convenience without sacrificing security
Consumers worldwide want frictionless online experiences without sacrificing the security of personal information, according to a recent survey from Ping Identity. With 63% …
90% of organizations have Microsoft 365 security gaps
A recently published study evaluated 1.6 million Microsoft 365 users across three continents, finding that 90% of organizations had gaps in essential security protections. …
Moving your Microsoft environment to zero trust
Zero trust is a concept that’s easy to grasp but incredibly difficult to implement. It touches almost every system, component, application, and resource within an enterprise, …
2FA, 3FA, MFA… What does it all mean?
Simply put, authentication is the act of proving you are who you say you are. To gain access to protected information, systems or locations, the user must prove their identity …
Passwordless will overtake other methods to secure employee identities
Secret Double Octopus and Dimensional Research surveyed over 300 IT professionals with responsibility for workforce identities and their security at organizations with more …
130 Dropbox code repos plundered after successful phishing attack
Dropbox has suffered a data breach, but users needn’t worry because the attackers did not gain access to anyone’s Dropbox account, password, or payment information. …
Are your cybersecurity investments making you less resilient?
In the past decade, digital transformation has become a buzzword in nearly every industry. Organizations have scaled down workforces in favor of automation, moved their …
Cybercriminals are having it easy with phishing-as-a-service
In this interview for Help Net Security, Immanuel Chavoya, Threat Detection Expert at SonicWall, talks about phishing-as-a-service (PaaS), the risks it can pose to …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege