Google Reveals UNC6395’s OAuth Token Theft in Salesforce Breach
A new advisory from Google and Mandiant reveals a widespread data breach in Salesforce. Learn how UNC6395 bypassed…
MFA
ScreenConnect admins targeted with spoofed login alerts
ScreenConnect cloud administrators across all region and industries are being targeted with fake email alerts warning about a potentially suspicious login event. The goal of the attackers is to grab the login credentials and MFA tokens of Super Admins:…
From legacy to SaaS: Why complexity is the enemy of enterprise security
In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the way organizations approach security. He explains why finding the right balan…
Malicious Connectors Potentially Impact Hundreds of Millions of Microsoft 365 Users
Most Microsoft 365 users aren’t aware of this recently growing serious email threat vector.
Malicious Connectors Potentially Impact Hundreds of Millions of Microsoft 365 Users
Most Microsoft 365 users aren’t aware of this recently growing serious email threat vector.
Hackers Use Social Engineering to Target Expert on Russian Operations
Citizen Lab and Google uncovered a new, sophisticated cyberattack linked to Russian state actors that exploits App-Specific Passwords, bypassing Multi-Factor Authentication. Discover how to protect yourself from these evolving threats.
AWS launches new cloud security features
Amazon Web Services has announced new and improved security features at its annual AWS re:Inforce cloud security conference. The company has also introduced features aimed at speeding up backup recovery, and has announced the completion of its push to …
Fake MFA Reset Warning Message
A KnowBe4 co-worker of mine recently got this SMS phishing message (i.e., smish).
Smart Cars, Dumb Passwords: Auto Industry Still Runs on Weak Passwords
A new study by NordPass and NordStellar reveals the automotive industry is plagued by weak, reused, and common…
You Are Still Vulnerable to Password Attacks When Using Passkeys
Just because you’re using a passkey doesn’t mean your password is gone.