Stale or inactive Active Directory accounts are a source of risk that increases over time. Check them regularly and automatically.

The risk of data exposure is a big challenge with the rising number and complexity of IaaS/PaaS services in the public cloud.

Microsoft documents a novel authentication bypass technique used by russian Cozy Bear threat actor group.

With destructive cyber attacks at an all time high, pressures for regulation are following suit. But don't expect too much.

Implications for threat hunters: update of replication rules is a clue that data exfiltration may silently be occurring in the environment.

Legitimate SaaS platforms are increasingly used for phishing links distribution, a relatively novel evasion technique.

Heavily digitized healthcare is especially at risk since it contains so much sensitive data, including patient records.

Mixed messages from the new GitLab DevSecOps Survey 2022: toolchain sprawl and limited budgets, but also wider usage of SAST and DAST tools.

The new Postman annual State of the API Report highlights the risks of programmatic integration via APIs