April 11, 2024 at 06:19PM The US federal government warned customers of Sisense, a business analytics platform, about a password compromise. The Cybersecurity and Infrastructure Security Agency advised users to reset credentials and passwords for sensitive data. The platform, which serves over 2,000 companies, including Air Canada and Nasdaq, is an attractive target for supply … Read more
March 13, 2024 at 07:03AM Cybercriminals are increasingly targeting identities within SaaS applications, including human and non-human accounts, leading to data breaches and financial losses. While measures like multi-factor authentication protect human identities, safeguarding non-human identities requires advanced tactics like monitoring tools and automated security checks. Join the webinar to learn about defending SaaS environments … Read more
March 8, 2024 at 06:09AM In the cybersecurity realm, secrets management is essential in safeguarding sensitive data. This involves avoiding common mistakes such as hard coding secrets, inadequate key rotation, public storage, and over-provisioning of privileges. Additional pitfalls include improper lifecycle management, lack of audit trails, and failure to encrypt Kubernetes secrets. Strategies for remedying … Read more
February 29, 2024 at 01:59PM GitHub has introduced push protection by default for all public repositories, preventing accidental exposure of secrets like access tokens and API keys during code pushes. The feature scans for over 200 token types and patterns from 180+ providers and allows users to remove or bypass detected secrets. Push protection is … Read more
November 21, 2023 at 11:38AM Sumo Logic has confirmed that no customer data was compromised in a potential security breach. The company discovered unauthorized access to one of its AWS accounts but quickly secured the infrastructure and rotated customer credentials as a precaution. Sumo Logic will undertake further evaluation to prevent future incidents. Key takeaways … Read more
November 8, 2023 at 01:31PM Security and data analytics company, Sumo Logic, disclosed a security breach after its AWS account was compromised. The breach was discovered on November 3rd when an attacker used stolen credentials to gain access. Customer data remains encrypted, and Sumo Logic has implemented extra security measures and advised customers to rotate … Read more