Tyler Cross Published on: February 2, 2023 Microsoft was recently targeted by threat actors who abused the Oauth...

Late last year, a group of threat actors managed to obtain "verified publisher" status through the Microsoft Cloud Partner Program (MCPP). This allowed them to...

Microsoft is a primary target for threat actors, who scour Microsoft applications for weaknesses. Our security research team at Adaptive Shield recently discovered a...

As CircleCI continues to investigate the security incident affecting its continuous integration and continuous delivery (CI/CD) platform, enterprise defenders should also be hunting for...

DevOps platform CircleCI is warning users of its continuous integration and deployment (CI/CD) to "immediately" rotate all secrets — think passwords, API keys, SSH...

Amazon Kendra is a highly accurate and simple-to-use intelligent search service powered by machine learning (ML). Amazon Kendra offers a suite of data source...

Amazon Kendra is a highly accurate and simple-to-use intelligent search service powered by machine learning (ML). Amazon Kendra offers a suite of data source...

GitHub is making secrets scanning available for all public repositories and requiring all developers to enable two-factor authentication for their accounts. The secrets scanning...

by Paul Ducklin Naked Security meets Sophos X-Ops! (Read or listen according to your preference.) We dig into OAuth 2.0, a well-known protocol for authorization. Microsoft calls...

by Paul Ducklin Early in April 2022, news broke that various users of Microsoft’s GitHub platform had suffered unauthorised access to their private source code. GitHib has...

Reading Time: 4 minutesDo you use Facebook Messenger? Do you use Chrome on your desktop? Do you also use Bitcoin and have...