A recent survey conducted by Tripwire revealed organizations are not fully adopting security controls from key benchmarks, such as the Center for Internet Security (CIS).
Many organizations lacking adoption of key CIS controls Read More »
Cybersecurity firm UpGuard has discovered an error in Amazon AWS bucket configuration that led to the exposure of internal GoDaddy infrastructure data.
AWS S3 error exposes data on 31K GoDaddy servers Read More »
Reddit, a popular social news aggregation and discussion website, suffered from a security breach between June 14 and June 18 of this year. The incident was discovered on June 19 and linked to weaknesses in SMS-based two-factor authentication (2FA).
Hacker breaks into Reddit systems via SMS-based 2FA Read More »
Clarkson PLC (“Clarksons”), a British shipping company, recently revealed a single and isolated user account compromise was the cause of a data breach and theft of confidential information last year.
Single account blamed for Clarksons breach Read More »
Gentoo provided a new security update that describes the impact and root cause of its recent GitHub Linux distribution repository hacking incident.
Gentoo reveals hacking root cause of its GitHub repository Read More »
Duo Labs has found SAML protocol vulnerabilities that impact multiple vendor single sign-on (SSO) systems.
SAML vulnerabilities affect multiple SSO implementations Read More »
Hackers have hijacked Enigma, a cryptocurrency investor platform and ethereum marketplace, and stole more than $500,000 in cryptocurrency from investors via a phishing scam.
Hackers hijack Enigma Read More »
Security researchers in Belgium have discovered two vulnerabilities related to Single Sign-on authentication in Oracle Access Manager (OAM) Version 10g, as part of penetration testing work for a client.
Oracle SSO vulnerabilities Read More »
Security researchers have spotted QakBot malware used to lockout hundreds to thousands of Active Directory (AD) accounts across a number of enterprises.
QakBot malware locks out thousands of AD accounts Read More »
To help organizations prepare for Internet of Things (IoT) threats, we outline some key security recommendations for IoT authorization, authentication and access control.
Secure Authorization, Authentication and Access Control for IoT Read More »
