November 15, 2024 at 01:39AM Misconfigured Microsoft Power Pages websites are exposing sensitive data of millions, including personal identifiable information (PII), due to lax access controls. Aaron Costello of AppOmni highlights significant leaks, such as one affecting 1.1 million NHS employees. Organizations must enhance security measures for external-facing sites to prevent data breaches. **Meeting Takeaways:** … Read more
November 12, 2024 at 03:39PM CrowdStrike has acquired Israeli startup Adaptive Shield for approximately $300 million to enhance its security posture management capabilities. This acquisition will strengthen its Falcon platform by integrating SaaS application monitoring, improving identity protection, and offering tools to manage and secure identities against increasingly common identity-based attacks. Completion is expected by … Read more
November 6, 2024 at 01:57PM The VEILDrive threat campaign leverages Microsoft services like Teams and SharePoint to distribute malware through spear-phishing. Discovered by Hunters in September 2024, the attack targeted a U.S. critical infrastructure, using compromised accounts and Quick Assist for remote access. This strategy complicates detection of the malware, which connects to adversary-controlled OneDrive. … Read more
November 1, 2024 at 07:33AM The article discusses key SaaS misconfigurations that pose security risks, including excessive help desk privileges, lack of MFA for super admins, unblocked legacy authentication, mismanaged super admin counts, and Google Groups view settings. It emphasizes the importance of continuous monitoring and fixing these issues to prevent data breaches and ensure … Read more
November 1, 2024 at 12:57AM A webinar will address the growing threat of advanced cyber attackers infiltrating identity systems in organizations, particularly focusing on tactics used by the LUCR-3 group. Led by Ian Ahl, it aims to equip cybersecurity professionals with strategies to enhance identity security and proactive defenses against data breaches. Registration is limited. … Read more
October 24, 2024 at 05:50PM Grip Security’s report, “2025 SaaS Security Risks,” reveals that 90% of SaaS applications remain unmanaged, posing significant risks for organizations. With a 40% increase in SaaS applications and rising usage of AI tools, the need for a collaborative, identity-driven security approach is critical to mitigate these vulnerabilities effectively. **Meeting Takeaways … Read more
October 23, 2024 at 06:36AM A significant portion of security practitioners lack awareness of their organization’s SaaS deployments, with only 15% centralizing SaaS security. This disconnect, paired with a culture that undervalues proactive security, leads to increased vulnerabilities. Establishing a security-first culture and implementing continuous monitoring are essential to mitigate risks associated with decentralized SaaS … Read more
October 9, 2024 at 07:39AM Organizations often neglect social media account security, risking reputational damage and financial losses. With multiple access layers and stakeholders, proper governance is critical. Utilizing SaaS Security Posture Management (SSPM) tools can enhance oversight, mitigate risks, and ensure only authorized users engage on behalf of the brand. ### Meeting Takeaways – … Read more
September 18, 2024 at 01:42PM ServiceNow’s enterprise knowledge bases (KBs) continue to expose sensitive corporate data, despite last year’s security improvements. AppOmni’s research found 45% of instances leaked internal data due to outdated configurations and misconfigured access controls. ServiceNow acknowledged the issue and identified changes but encountered challenges protecting KBs due to internal and external … Read more
August 27, 2024 at 09:30AM SaaS deployments often lack central control and clarity, with responsibility for securing SaaS resting mostly on business owners/stakeholders rather than cybersecurity teams. Lack of visibility into SaaS platforms leads to security risks, as many organizations don’t know the full scope of their SaaS applications. AppOmni’s survey reveals a disconnect between … Read more