Several security missteps on Microsoft's part allowed a China-based threat actor to forge authentication tokens and access user email from some 25 Microsoft enterprise...

Several security missteps on Microsoft's part allowed a China-based threat actor to forge authentication tokens and access user email from some 25 Microsoft enterprise...

Legacy systems are the bane of IT pros everywhere. "Legacy" generally is defined as outdated computer hardware and software that remains stubbornly in place...

Atlanta, GA – August 2, 2023 – BeyondTrust, the worldwide leader in intelligent identity and access security, today announced the general availability of its groundbreaking...

The heads of the Justice Department, the Cybersecurity and Infrastructure Security Agency, and the Federal Trade Commission received a letter on July 27 from...

The heads of the Justice Department, the Cybersecurity and Infrastructure Security Agency, and the Federal Trade Commission received a letter on July 27 from...

The Storm-0558 breach that gave Chinese advanced persistent threat (APT) actors access to emails within at least 25 US government agencies could be much further-reaching...

by Paul Ducklin At the tail-end of last week, Microsoft published a report entitled Analysis of Storm-0558 techniques for unauthorized...

Guest accounts in Azure AD (AAD) are meant to provide limited access to corporate resources for external third parties — the idea is to...

This spring, a Chinese threat actor had access to email accounts across 25 government agencies in Western Europe and the US, including the State...

Seattle, WA – July 11, 2023 – SpecterOps, a provider of adversary-focused cybersecurity solutions born out of unique insights of advanced threat actor tradecraft, today announced...

As companies struggle with finding and closing off the paths that attackers could use to infiltrate and compromise their IT environments, security providers are...