Tag: least-privilege

Overly permissive ‘guest’ settings put Salesforce customers at risk

Mar 11, 2026 1:49 PM

Tags: access, api, attack, ceo, credentials, data, least-privilege, risk, strategy

Why Salesforce environments make tempting targets: Salesforce deployments are particularly attractive because of the sensitive data they hold and the complexity of their access models.”Salesforce instances often contain highly sensitive customer data, including credentials and secrets that can be used for lateral movement,” said Vincenzo Lozzo, CEO and cofounder of SlashID. At the same time,…
Why access decisions are becoming the weakest link in identity security

Mar 10, 2026 10:47 AM

Tags: access, ai, api, attack, authentication, automation, breach, business, ciso, control, credentials, data, finance, governance, group, iam, identity, least-privilege, login, okta, radius, risk, saas, service, technology, tool

The SSO fallacy: Why authentication is not a guarantee: I’m often asked by business and technology leaders, “If we have SSO enabled, why do we still need to worry about granular access controls?” The underlying assumption is that once a user is authenticated through a central, secure portal, the hard work is done.In practice, SSO…
4 ways to prepare your SOC for agentic AI

Mar 9, 2026 9:47 AM

Tags: access, ai, attack, automation, best-practice, cloud, compliance, control, cybersecurity, data, defense, detection, edr, framework, governance, guide, identity, injection, intelligence, least-privilege, metric, mitre, radius, RedTeam, risk, siem, skills, soar, soc, threat, tool

Build capabilities for AI governance, content and quality: Upskilling existing analysts alone is not enough. As AI agents begin operating across tools, making decisions and triggering actions with minimal human involvement, the demands on the SOC will extend well beyond traditional analyst capabilities, experts say.Content engineering, for instance, is one emerging requirement. In an AI-enabled…
Zero-day exploits hit enterprises faster and harder

Mar 6, 2026 9:48 AM

Tags: access, apple, attack, backdoor, business, china, cisco, cve, data, detection, endpoint, espionage, exploit, firewall, flaw, fortinet, google, group, hacker, infrastructure, ivanti, least-privilege, mobile, network, oracle, radius, ransomware, risk, router, russia, service, software, technology, threat, update, vpn, vulnerability, zero-day

Enterprise environments under siege: Chinese threat actors continued to display a preference for targets that are difficult to monitor and allow persistent access to strategic networks. Notable examples include the groups that GTIG tracks as UNC5221, which exploited a flaw in Ivanti Connect Secure (CVE-2025-0282) and UNC3886, which exploited a vulnerability in Juniper routers (CVE-2025-21590).Another…
When Payment Data Becomes the Weakest Link

Feb 26, 2026 3:36 PM

Tags: access, awareness, breach, cloud, compliance, container, control, cybersecurity, data, data-breach, encryption, fraud, least-privilege, PCI, radius, risk, service, software, strategy, threat

When Payment Data Becomes the Weakest Link madhav Thu, 02/26/2026 – 10:56 Most cybersecurity incidents don’t begin with an attack. They begin with a design decision. Four people experienced that reality in the same week. Different roles. Different systems. One shared outcome. Cybersecurity Karen Kelvie – Product Marketing, Data Protection More About This Author >…
Using threat modeling and prompt injection to audit Comet

Feb 20, 2026 7:01 PM

Tags: access, ai, attack, captcha, control, data, defense, detection, email, endpoint, exploit, framework, injection, Internet, law, least-privilege, LLM, malicious, ml, monitoring, privacy, RedTeam, risk, social-engineering, threat, tool, training, update, vulnerability

Before launching their Comet browser, Perplexity hired us to test the security of their AI-powered browsing features. Using adversarial testing guided by our TRAIL threat model, we demonstrated how four prompt injection techniques could extract users’ private information from Gmail by exploiting the browser’s AI assistant. The vulnerabilities we found reflect how AI agents behave…
New phishing campaign tricks employees into bypassing Microsoft 365 MFA

Feb 20, 2026 5:01 AM

Tags: access, attack, awareness, business, credentials, defense, email, google, identity, incident response, least-privilege, login, malicious, mfa, microsoft, monitoring, office, phishing, risk, saas, social-engineering, training

microsoft.com. But the attacker has pre-registered their device to get the code for [the victim] to verify.”David Shipley, head of Canadian security awareness training provider Beauceron Security, said OAuth device code attacks have been gaining steam since 2024. “It’s the natural evolutionary response to improvements in account security, particularly MFA”, he said. The easiest defense is…
The Cloud and AI Velocity Trap: Why Governance Is Falling Behind Innovation

Feb 19, 2026 6:01 PM

Tags: access, ai, attack, business, cloud, compliance, control, cyber, data, flaw, framework, governance, grc, iam, identity, least-privilege, malicious, malware, radius, risk, risk-management, service, supply-chain, tactics, threat, tool, vulnerability, zero-trust

AI adoption is outpacing traditional cyber governance. The “Tenable Cloud and AI Security Risk Report 2026” reveals how overprivileged identities and unmonitored supply chain dependencies leave orgs exposed. We offer 10 tactics to shut down your most critical attack paths. Key takeaways The velocity trap: Security teams are fighting “machine-speed” threats with manual processes; you…
The Cloud and AI Velocity Trap: Why Governance Is Falling Behind Innovation

Feb 19, 2026 6:01 PM

Tags: access, ai, attack, business, cloud, compliance, control, cyber, data, flaw, framework, governance, grc, iam, identity, least-privilege, malicious, malware, radius, risk, risk-management, service, supply-chain, tactics, threat, tool, vulnerability, zero-trust

AI adoption is outpacing traditional cyber governance. The “Tenable Cloud and AI Security Risk Report 2026” reveals how overprivileged identities and unmonitored supply chain dependencies leave orgs exposed. We offer 10 tactics to shut down your most critical attack paths. Key takeaways The velocity trap: Security teams are fighting “machine-speed” threats with manual processes; you…
Why identity recovery is now central to cyber resilience

Feb 13, 2026 12:58 AM

Tags: access, ai, authentication, backup, business, cloud, compliance, cyber, data, email, identity, infrastructure, least-privilege, radius, ransomware, resilience, risk, service, strategy

Identity resilience: Implement immutable backups and automated recovery for identity systems such as Active Directory.Zero-trust architecture: Apply least-privilege access and continuous authentication to reduce the blast radius of an attack.Automated orchestration: Limit manual steps in recovery workflows so teams can respond faster under pressure.Regulatory readiness: Make audit-ready reporting and compliance validation part of resilience planning, not an afterthought.AI-ready protection: Account…
Entwickler werden zum Angriffsvektor

Feb 12, 2026 5:58 AM

Tags: access, ai, api, application-security, best-practice, ceo, ciso, cloud, cyberattack, cybercrime, cybersecurity, data, exploit, hacker, infrastructure, intelligence, jobs, least-privilege, LLM, malware, open-source, phishing, risk, saas, social-engineering, software, spear-phishing, supply-chain, threat, tool, training, vulnerability

Softwareentwickler sind gefragt auch unter kriminellen Hackern.Statt einfach “nur” Fehler in Applikationen auszunutzen, entdecken kriminelle Hacker zunehmend die Tools und Zugriffskanäle für sich, auf die sich Softwareentwickler regelmäßig verlassen. Dabei kombinieren sie längst auch unterschiedliche Cybercrime-Taktiken und beziehen auch künstliche Intelligenz (KI) ein, um an ihr Ziel zu gelangen. “Angreifer versuchen nicht mehr nur, in…
Entwickler werden zum Angriffsvektor

Feb 12, 2026 5:58 AM

Tags: access, ai, api, application-security, best-practice, ceo, ciso, cloud, cyberattack, cybercrime, cybersecurity, data, exploit, hacker, infrastructure, intelligence, jobs, least-privilege, LLM, malware, open-source, phishing, risk, saas, social-engineering, software, spear-phishing, supply-chain, threat, tool, training, vulnerability

Softwareentwickler sind gefragt auch unter kriminellen Hackern.Statt einfach “nur” Fehler in Applikationen auszunutzen, entdecken kriminelle Hacker zunehmend die Tools und Zugriffskanäle für sich, auf die sich Softwareentwickler regelmäßig verlassen. Dabei kombinieren sie längst auch unterschiedliche Cybercrime-Taktiken und beziehen auch künstliche Intelligenz (KI) ein, um an ihr Ziel zu gelangen. “Angreifer versuchen nicht mehr nur, in…
Entwickler werden zum Angriffsvektor

Feb 12, 2026 5:58 AM

Tags: access, ai, api, application-security, best-practice, ceo, ciso, cloud, cyberattack, cybercrime, cybersecurity, data, exploit, hacker, infrastructure, intelligence, jobs, least-privilege, LLM, malware, open-source, phishing, risk, saas, social-engineering, software, spear-phishing, supply-chain, threat, tool, training, vulnerability

Softwareentwickler sind gefragt auch unter kriminellen Hackern.Statt einfach “nur” Fehler in Applikationen auszunutzen, entdecken kriminelle Hacker zunehmend die Tools und Zugriffskanäle für sich, auf die sich Softwareentwickler regelmäßig verlassen. Dabei kombinieren sie längst auch unterschiedliche Cybercrime-Taktiken und beziehen auch künstliche Intelligenz (KI) ein, um an ihr Ziel zu gelangen. “Angreifer versuchen nicht mehr nur, in…
Entwickler werden zum Angriffsvektor

Feb 12, 2026 5:58 AM

Tags: access, ai, api, application-security, best-practice, ceo, ciso, cloud, cyberattack, cybercrime, cybersecurity, data, exploit, hacker, infrastructure, intelligence, jobs, least-privilege, LLM, malware, open-source, phishing, risk, saas, social-engineering, software, spear-phishing, supply-chain, threat, tool, training, vulnerability

Softwareentwickler sind gefragt auch unter kriminellen Hackern.Statt einfach “nur” Fehler in Applikationen auszunutzen, entdecken kriminelle Hacker zunehmend die Tools und Zugriffskanäle für sich, auf die sich Softwareentwickler regelmäßig verlassen. Dabei kombinieren sie längst auch unterschiedliche Cybercrime-Taktiken und beziehen auch künstliche Intelligenz (KI) ein, um an ihr Ziel zu gelangen. “Angreifer versuchen nicht mehr nur, in…
Software developers: Prime cyber targets and a rising risk vector for CISOs

Feb 9, 2026 9:14 AM

Tags: access, ai, api, application-security, attack, automation, backdoor, breach, ceo, ciso, cloud, container, control, credentials, cyber, cyberattack, cybersecurity, data, data-breach, exploit, flaw, Hardware, identity, infrastructure, intelligence, Internet, jobs, leak, least-privilege, LLM, malicious, malware, marketplace, north-korea, open-source, phishing, programming, resilience, risk, saas, scam, service, social-engineering, software, supply-chain, theft, threat, tool, training, unauthorized, update, vulnerability

Credential theft and environment compromise: Attackers aren’t just looking for flaws in code “, they’re looking for access to software development environments.Common security shortcomings, including overprivileged service accounts, long-lived tokens, and misconfigured pipelines, offer a ready means for illicit entry into sensitive software development environments.”Improperly stored access credentials are low-hanging fruit for even the most amateur…
Ten career-ending mistakes CISOs make and how to avoid them

Feb 6, 2026 2:14 PM

Tags: access, ai, attack, awareness, best-practice, breach, business, ciso, cloud, compliance, computing, conference, control, credentials, cyber, cybersecurity, data, defense, detection, encryption, exploit, finance, framework, GDPR, governance, guide, HIPAA, least-privilege, malicious, metric, monitoring, network, password, resilience, risk, social-engineering, strategy, technology, threat, tool, training, vulnerability, zero-trust

2. Poor communication with the board and C-suite: Technical expertise alone no longer suffices in the modern CISO role. Security leaders who fail to translate cyber risks into business impact quickly lose credibility with decision-makers who control budgets and strategic direction.When security leaders present endless technical details without connecting them to revenue loss, regulatory fines,…
Zscaler extends zero-trust security to browsers with SquareX acquisition

Feb 6, 2026 1:14 PM

Tags: access, ai, ceo, ciso, control, crowdstrike, cybersecurity, edr, endpoint, least-privilege, network, risk, service, strategy, tool, vpn, zero-trust

A win-win for customers?: Zscaler has acknowledged that browser runtime behaviour was a missing piece in its zero-trust security, and having SquareX solution in its portfolio can help fill the gap, noted Gogia.For Zscaler customers, this acquisition would mean browser security is no longer an afterthought or a separate tool to evaluate but a native…
Why Attackers no Longer Need to Break in: The Rise of Identity-Based Attacks

Feb 6, 2026 10:13 AM

Tags: breach, credentials, iam, identity, least-privilege, phone, scam

In 2026 stolen credentials and unmanaged machine identities drive breaches”, small buys, phone scams, and weak IAM make identity the real perimeter; prioritize inventory, least privilege, and stronger auth. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/why-attackers-no-longer-need-to-break-in-the-rise-of-identity-based-attacks/
KI als AWS-Angriffsturbo

Feb 6, 2026 10:13 AM

Tags: access, ai, ceo, ciso, cloud, cyberattack, detection, framework, hacker, iam, least-privilege, LLM, risk, threat, training

Kriminelle Hacker haben ihre Angriffe auf AWS-Umgebungen mit KI beschleunigt.Forscher des Sicherheitsanbieters Sysdig haben einen Angriff aufgedeckt, bei dem kriminelle Angreifer eine AWS-Umgebung in weniger als acht Minuten vollständig kompromittieren konnten. Laut den Threat-Spezialisten nutzten die Bedrohungsakteure dabei eine Cloud-Fehlkonfiguration mit der Hilfe von Large Language Models (LLMs) aus, um den gesamten Angriffs-Lebenszyklus zu komprimieren…
From credentials to cloud admin in 8 minutes: AI supercharges AWS attack chain

Feb 3, 2026 5:14 PM

Tags: access, ai, attack, ciso, cloud, credentials, detection, framework, group, iam, least-privilege, LLM, monitoring, training

Lateral movement, LLMjacking, and GPU abuse: Once administrative access was obtained, the attacker moved laterally across 19 distinct AWS principals, assuming multiple roles and creating new users to spread activity across identities. This approach enabled persistence and complicated detection, the researchers noted.The attackers then shifted focus to Amazon Bedrock, enumerating available models and confirming that…
What’s New in Tenable Cloud Security: Multi-cloud Risk Analysis, Attack Surface Assessments, Improved IAM Security and More

Feb 2, 2026 8:14 PM

Tags: ai, attack, cloud, compliance, data, data-breach, endpoint, gartner, google, governance, iam, identity, infrastructure, Internet, least-privilege, microsoft, mitigation, network, radius, risk, risk-analysis, service, supply-chain, switch, tool, training, vulnerability

Tenable Cloud Security continues to expand the technical depth of our Tenable One exposure management platform. Our latest enhancements include unified multi-cloud exploration, high-fidelity network validation, and expanded entitlement visibility across infrastructure and identity providers. Key takeaways Graph-based multi-cloud exploration: We’ve leveraged our unified data model to provide deep visibility across all cloud environments. You…
Why non-human identities are your biggest security blind spot in 2026

Feb 2, 2026 1:13 PM

Tags: access, api, breach, cloud, control, credentials, data-breach, github, google, governance, identity, least-privilege, password, service, threat, tool

The three blind spots I keep finding: After years working in cloud security and identity management, certain patterns show up everywhere I look. Three problems in particular appear in nearly every environment I assess. Secrets where they should never be. I still find API keys hardcoded in source files. Still. In 2026. Last year, GitGuardian…
What makes least privilege essential in secure cloud operations

Feb 1, 2026 5:13 AM

Tags: access, cloud, least-privilege

How Can Least Privilege Transform Secure Cloud Operations? Have you ever pondered the repercussions of over-privileged access in cloud environments? With the rapid adoption of cloud technologies, the concept of least privilege has emerged when a cornerstone for secure cloud operations. This principle, while seemingly simple, significantly influences various sectors, enhancing security and operational efficiency….…
Ändere Dein Passwort Tag 2026: Least Privilege und Zugangskontrolle gilt es flankierend zu beachten

Feb 1, 2026 5:13 AM

Tags: least-privilege, password

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/andere-dein-passwort-tag-2026-least-privilege-zugangskontrolle
MCP security: How to prevent prompt injection and tool poisoning attacks

Jan 30, 2026 4:22 PM

Tags: access, ai, api, attack, authentication, automation, best-practice, business, ceo, communications, control, credentials, data, defense, detection, email, endpoint, exploit, framework, github, governance, guide, incident response, infrastructure, injection, least-privilege, LLM, malicious, monitoring, network, radius, risk, service, siem, software, sql, supply-chain, threat, tool, unauthorized, vulnerability

The Model Context Protocol (MCP) has quickly become the open protocol that enables AI agents to connect securely to external tools, databases, and business systems. But this convenience comes with security risks. MCP servers store sensitive credentials, handle business logic, and connect to APIs. This makes them prime targets for attackers who have learned to…
Obsidian Security Extends Reach to SaaS Application Integrations

Jan 22, 2026 6:46 PM

Tags: least-privilege, saas, service, software

Obsidian Security today announced that it has extended the reach of its platform for protecting software-as-a-service (SaaS) applications to include any integrations. Additionally, the company is now making it possible to limit which specific end users of a SaaS application are allowed to grant and authorize new SaaS integrations by enforcing least privilege policies. Finally,..…
Warum Microsoft-365-Konfigurationen geschützt werden müssen

Jan 22, 2026 9:30 AM

Tags: access, authentication, backup, ciso, cloud, compliance, framework, least-privilege, mail, mfa, microsoft, office, powershell, risk, zero-trust

Lesen Sie, warum CISOs den M365-Tenant stärker in den Blick nehmen müssen.Im Jahr 2010 war Office 365 eine einfache Suite mit Office-Anwendungen und zusätzlicher E-Mail-Funktion. Das hat sich 15 Jahre später mit Microsoft 365 geändert: Die Suite ist ein wesentliches Element in den Bereichen Kommunikation, Zusammenarbeit und Sicherheit. Dienste wie Entra, Intune, Exchange, Defender, Teams…
Mehr Sicherheit und bessere Governance für Microsoft-365-Tenants

Jan 21, 2026 3:13 PM

Tags: governance, least-privilege, microsoft, resilience

Coreview bietet mit Tenant-Resilience und Tenant-Management ab sofort zwei neue Lösungen für den Schutz und das Management von Microsoft-365-Tenants über seine Coreview-One-Plattform an. Bei fast zwei Dritteln (63 %) der Microsoft-365-Tenants wird der Least-Privilege-Ansatz nicht umgesetzt. Gleichzeitig meldet Microsoft zunehmende Manipulationen von Konfigurationen bei Identitäts- und Gerätemanagementdiensten. Vor diesem Hintergrund gewinnt der Schutz und die…
13 cyber questions to better vet IT vendors and reduce third-party risk

Jan 21, 2026 9:13 AM

Tags: access, api, attack, authentication, automation, best-practice, breach, business, ceo, ciso, cloud, compliance, control, credentials, credit-card, cyber, cyberattack, cybercrime, cybersecurity, data, detection, endpoint, exploit, extortion, firewall, healthcare, identity, incident response, infrastructure, insurance, international, ISO-27001, jobs, least-privilege, mfa, monitoring, network, nist, password, PCI, penetration-testing, radius, ransomware, risk, saas, sans, security-incident, service, supply-chain, threat, update, vpn, vulnerability

Vital vendor questions CISOs should ask: To gain that critical information, security leaders and experts recommend CSOs ask IT partners the following cyber-specific questions. 1. What attestation will you provide to prove proper security controls are in place? These are essential, says Juan Pablo Perez-Etchegoyen, CTO for cybersecurity and compliance platform Onapsis. Some of the…
13 cyber questions to better vet IT vendors and reduce third-party risk

Jan 21, 2026 9:13 AM

Tags: access, api, attack, authentication, automation, best-practice, breach, business, ceo, ciso, cloud, compliance, control, credentials, credit-card, cyber, cyberattack, cybercrime, cybersecurity, data, detection, endpoint, exploit, extortion, firewall, healthcare, identity, incident response, infrastructure, insurance, international, ISO-27001, jobs, least-privilege, mfa, monitoring, network, nist, password, PCI, penetration-testing, radius, ransomware, risk, saas, sans, security-incident, service, supply-chain, threat, update, vpn, vulnerability

Vital vendor questions CISOs should ask: To gain that critical information, security leaders and experts recommend CSOs ask IT partners the following cyber-specific questions. 1. What attestation will you provide to prove proper security controls are in place? These are essential, says Juan Pablo Perez-Etchegoyen, CTO for cybersecurity and compliance platform Onapsis. Some of the…