A Head in the Clouds: How Sentra’s DSPM Helps Secure Cloud Data Risks and Challenges in Cloud Data Security Cloud technology continues to evolve, increasing the challenge of securing sensitive data Data duplication and data sprawl are common in today’s business environment These issues lead to increased risks of non-compliance and unauthorized data breaches When
Read More
Google Workspace’s Glaring Design Flaw: Cyber Threat Actors’ Joy, System Admins’ Pain – Google Workspace’s domain-wide delegation (DWD) feature is discovered to have a “severe design flaw”. – Threat actors can exploit this flaw to escalate their privileges. – Exploitation could result in unauthorized access to Workspace APIs without super admin privileges. – Hackers could
Read More
Network of Cyber-Criminals Gets Grilled by Law Enforcers: Ransomware Ringleader and Accomplices Arrested in Ukraine Main Points to Decrypt: A multinational law enforcement operation has tracked down and nabbed key figures in Ukraine who were allegedly operating ransomware schemes. On the 21st of November, no less than 30 properties were raided in multiple regions of
Read More
Bullet Points: Account credentials as a sought-after item in cybercrime – a single stolen set can jeopardize whole networks. The 2023 Verizon Data Breach Investigation Report states external parties accounted for 83 percent of breaches from Nov 2021 to Oct 2022. 49 percent of these breaches were facilitated by the abuse of identity, accentuating the
Read More
Cybersecurity Researchers Unearth “Forced Authentication” Exploitable Vulnerability with Microsoft Access Files Main Points: Cybersecurity researchers discover a new potential exploit known as “forced authentication.” The vulnerability could allow pernicious agents to leak a Windows user’s NT LAN Manager (NTLM) tokens. Victims can be tricked into opening corrupted Microsoft Access files, leaving their system at risk.
Read More
Identity and Access Management: Your Digital Knights in Shining Armor – Identity and Access Management (IAM) systems are critical for the protection of businesses’ sensitive information and assets. – Over 80% of recent cyber attacks involve identity compromise, stolen credentials, or authentication bypass. – Recent high-profile breaches among companies like MGM and Caesars underline the
Read More
North Korean Threat Actors Up Their macOS Menace Game With Mixed Malware Techniques – North Korean threat actors behind macOS malware strains RustBucket and KANDYKORN have adopted a new technique: combining their strengths. – According to cybersecurity firm SentinelOne, the actors have been using RustBucket droppers to deliver KANDYKORN. Merging Malware: RustBucket and KANDYKORN If
Read More
Big Spenders and Big Data: Powering the Retail Game via SaaS applications and CRM platforms Main Points: – Consumers are projected to spend $13.7 billion in a single day – Almost every interaction is logged by a Customer Relationship Management (CRM) system – Inventory software will automatically reorder products as needed – Communication applications will
Read More
Cracking the Code: Could SSH Server Connections Be Vulnerable? RSA Host Keys Plundered • A recent study has highlighted the possibility for passive network attackers to access private RSA host keys. • This vulnerability arises during the establishment of a connection to an SSH server, when naturally occurring computational faults occur. Paraphrasing these main points,
Read More
Global Guidelines for Safer AI: A Cyber-Security Symphony The U.K., U.S. and 16 other international partners issue new guidelines for developing secure AI systems. The strategy focuses on customer’s ownership of security outcomes, extreme transparency, and accountability. It also emphasizes the need to prioritize safe design in organizational structures. A Union of Nations for Safer
Read MoreNo products in the cart.