Skip to main content

Tag: credentialcompromise

10 articles

Security Leaders: Exclusive Insider Data-Loss Warning

Security Leaders: Exclusive Insider Data-Loss Warning

Insider-related data loss is now a boardroom dilemma — 77% of organizations reported incidents in the last 18 months — as misconfigured privileges, sprawling toolsets, and human stressors turn trusted credentials into attackers’ easiest path inside. Cloud adoption, remote work and collaboration platforms widen visibility gaps, letting ordinary business activity mask exfiltration and making detection painfully slow.

Analyst 207
digital identity: Must-Have Defenses to Stop Risky Breaches

digital identity: Must-Have Defenses to Stop Risky Breaches

Now more than ever, digital identity—the credentials, attributes and policies for people, devices and AI agents—is the first and last line of defense; treat service accounts, API keys and tokens with the same rigor as human credentials to stop one misconfiguration or stolen token from triggering a catastrophic breach.

Analyst 207
ArcGIS application Stunning: Risky Year-Long Persistence

ArcGIS application Stunning: Risky Year-Long Persistence

A security firm found China-aligned hackers living undetected inside a trusted ArcGIS mapping app for over a year, turning a vital tool into a stealthy espionage platform. The takeaway: even everyday operational software needs strict security, continuous monitoring, and zero trust—because convenience shouldn’t mean vulnerability.

Analyst 207
cloud collaboration: Must-Have Best Practices to Avoid Risk

cloud collaboration: Must-Have Best Practices to Avoid Risk

Cloud collaboration makes teamwork effortless — and oversharing dangerously easy; learn practical, friendly best practices to keep files moving fast while cutting exposure, from short-lived links and MFA to data stewardship and automated audits.

Analyst 207
one bad password: Stunning Lessons from a Risky Collapse

one bad password: Stunning Lessons from a Risky Collapse

One compromised password toppled KNP Logistics after 158 years, a wake-up call that even the most storied businesses can be undone by weak cyber hygiene — adopt MFA, segmentation and tested recovery plans before it’s too late.

Analyst 207
Identity Governance and Administration: Stunning Best Guide

Identity Governance and Administration: Stunning Best Guide

Who has the keys? Identity Governance and Administration puts that question to rest by giving you centralized visibility into who can access what, why they have it, and when to revoke it — so you can reduce risk, streamline onboarding, and prove compliance.

Analyst 207
Salesloft–Drift incident: Exclusive Risky Wake-Up Call

Salesloft–Drift incident: Exclusive Risky Wake-Up Call

When a vendor like Salesloft or Drift is breached, even giants like Cloudflare can have customer data exposed — a stark reminder that trusted integrations can become attack paths. Now’s the time to audit third‑party access, rotate tokens, and tighten least‑privilege controls before the next ripple causes real harm.

Analyst 207
Salesloft/Drift incident: Exclusive Risky Security Wake-Up

Salesloft/Drift incident: Exclusive Risky Security Wake-Up

Cloudflare confirmed some customer data was exposed after the Salesloft/Drift breach, but key details and the full scope remain unclear — a stark reminder that third‑party compromises can ripple across the cloud ecosystem. Customers should watch for updates and take simple precautions now, like rotating credentials and enabling MFA, while investigations continue.

Analyst 207
Salt Typhoon Stunning Risks to Global Security

Salt Typhoon Stunning Risks to Global Security

When commercial cloud and hosting services start looking like spy tools, who do you trust—and how do you protect yourself? Recent attributions tie parts of China’s tech ecosystem to the “Salt Typhoon” campaigns, showing how misconfigured or abused legitimate services can quietly power large-scale espionage and why stronger transparency, vetting and cross-border cooperation are urgently needed.

Analyst 207
reducing cyber risk: Must-Have Culture for Best Defense

reducing cyber risk: Must-Have Culture for Best Defense

Technology can only take you so far—attackers now target people and culture, not just systems. Building a stronger security culture with clear policies, consistent training, and aligned incentives is the simplest, most effective way to cut cyber risk.

Analyst 207