90% of organizations have Microsoft 365 security gaps
A recently published study evaluated 1.6 million Microsoft 365 users across three continents, finding that 90% of organizations had gaps in essential security protections. …
Moving your Microsoft environment to zero trust
Zero trust is a concept that’s easy to grasp but incredibly difficult to implement. It touches almost every system, component, application, and resource within an enterprise, …
2FA, 3FA, MFA… What does it all mean?
Simply put, authentication is the act of proving you are who you say you are. To gain access to protected information, systems or locations, the user must prove their identity …
Passwordless will overtake other methods to secure employee identities
Secret Double Octopus and Dimensional Research surveyed over 300 IT professionals with responsibility for workforce identities and their security at organizations with more …
130 Dropbox code repos plundered after successful phishing attack
Dropbox has suffered a data breach, but users needn’t worry because the attackers did not gain access to anyone’s Dropbox account, password, or payment information. …
Are your cybersecurity investments making you less resilient?
In the past decade, digital transformation has become a buzzword in nearly every industry. Organizations have scaled down workforces in favor of automation, moved their …
Cybercriminals are having it easy with phishing-as-a-service
In this interview for Help Net Security, Immanuel Chavoya, Threat Detection Expert at SonicWall, talks about phishing-as-a-service (PaaS), the risks it can pose to …
Uber says Lapsus$ gang is behind the recent breach
Uber has confirmed that the recent breach of its systems started with a compromised account belonging to a contractor. “It is likely that the attacker purchased the …
EvilProxy phishing-as-a-service with MFA bypass emerged on the dark web
Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate advanced phishing campaigns …
Phishing PyPI users: Attackers compromise legitimate projects to push malware
PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that …
How attackers use and abuse Microsoft MFA
Microsoft has been pushing for the use of multi-factor authentication (MFA) to thwart attackers for many years. But threat actors are keeping up with the increasing enterprise …
Cisco has been hacked by a ransomware gang
U.S. networking giant Cisco Systems has been hacked, the company confirmed on Wednesday, after Yanluowang ransomware operators claimed the attack on their leak site. …