Identity Management | Breaking Cybersecurity News | The Hacker News

As hybrid and multi-cloud environments become the standard, organizations are under growing pressure to deliver scalable and secure remote access. Traditionally, Virtual Private Networks (VPNs) have been the go-to solution for connecting remote users to corporate networks. While VPNs have been essential for remote access, they were originally designed for simpler, perimeter-based security models. Organizations that rely solely on VPNs face significant limitations, including weak access control, increased risk of lateral movement and poor visibility. Continue reading to learn the limitations of VPN-based access and how KeeperPAM® provides a strong, modern alternative for securing remote access. Why VPNs are no longer enough Although VPNs have been used to enable remote access within organizations, the limitations of VPNs are becoming increasingly clear as IT environments span across multiple on-premises, hybrid and remote systems. Relying on VPN-based access alone can actually make ...

You're jolted awake by a 2:46 AM critical alert: ransomware in production. Customer data's compromised, systems are locked, and $1 million Bitcoin demand stares back at you. Your SIEM lit up. EDR flagged unusual file access. ITDR surfaced account anomalies. But it's too late. The attacker got in with stolen credentials, likely from a phishing email. Once authenticated, they slipped past your defenses, escalated privileges, and detonated ransomware. The post-incident report reveals what your tools missed: the initial login. If authentication had tapped real-time signals from your existing security stack — device compliance, threat intelligence, or login anomalies — the stolen credential could have been blocked at the login prompt, stopping the attack cold. Why Identity Is the New Perimeter Adversaries are increasingly focused on identities and credentials rather than fortified perimeters or servers. After all, why bother cracking a vault when you can stroll in with the keys?  ...

ShinyHunters is a notorious cybercrime group that has resurfaced with a new playbook of SaaS-focused attacks. Known for monetizing stolen data on underground forums since 2020, ShinyHunters has historically breached companies by stealing credentials and databases. Recently, however, they've shifted tactics to aggressive social engineering, mirroring the methodology of the Scattered Spider group. Instead of exploiting software vulnerabilities, ShinyHunters now exploits human trust, targeting the underbelly of third-party SaaS platforms through impersonation and phishing. In mid-2025, a wave of breaches struck companies like Google, Workday, Pandora, Cisco, Chanel, and others, all tied together by one common thread: the attackers leveraged access to these firms' Salesforce CRM or similar cloud systems. Below, we look at what happened in the Google and Workday breaches, examine techniques ShinyHunters used, and demonstrate how a dynamic SaaS security approach (like Reco's) could have...

With every credential breach that hits the news, CISOs and security professionals continually reach the same conclusion: passwords are insecure, and we should abandon them in favor of less risky authentication factors. But, secure or not, passwords are stubborn. The 2025 Verizon DBIR rated the likelihood of this being the year we finally eliminate passwords as being on par with "this being the year of the Linux desktop."  Any IT or security pro who has had to explain passkeys to their coworkers can tell you that 2025 isn't going to be the year we do away with passwords. Frankly, that year's not likely to come any time soon. Even if it were technically feasible (it often isn't) to transition every single login at a company to passkeys or biometrics, that would take years of concentrated effort. In the meantime, security leaders can't afford to sit on their hands and ignore the credential risks currently facing their company.  We need a new approach to thinking about secur...

Your identity environment holds the keys to your most critical data in the form of privileged accounts. Industry consolidation and a desire for company growth both often lead to mergers or acquisitions which, if not managed closely, can wreak havoc on an identity landscape. Mergers of identity environments create a glut of identities and identity accounts to manage, some of which may be redundant. They also introduce new 3rd parties, contractors and non-human identities like service accounts, bots etc.... into the equation. In addition, a merger or acquisition could hybridize the identity landscape, adding Cloud applications to on-prem resources, and vice versa. All of this increases the attack surface if not managed properly. As the two companies determine how to best work together, there is a level of uncertainty that can result in temporary measures as a stop-gap. Temporary access is often granted to provide employee, contractor and third party access to applications and privile...

Identity-based attacks are the #1 cause of breaches, often exploiting weaknesses in traditional identity platforms. It's time for a proactive approach that addresses these gaps and stops threats before they strike. Identity has become the primary attack surface in cybersecurity. According to Forbes, 75% of cyberattacks leverage identity-based threats. Threat actors gain access using stolen credentials, compromised devices, and deepfake impersonation techniques, often bypassing traditional defenses without detection. Many identity platforms rely on MFA, such as push notifications and one-time passcodes (OTPs), which were once considered secure but are now frequently exploited through phishing, MFA fatigue, and man-in-the-middle attacks. The rise of generative AI has made these threats more effective and more prevalent.  To compensate, organizations have deployed tools like Endpoint Detection and Response (EDR), Network Detection and Response (NDR), and Identity Threat Detection ...

The cybersecurity community has been buzzing about JPMorgan Chase CISO Pat Opet's open letter to third-party suppliers since its release right before RSA. This candid assessment from the security leader of one of the world's largest financial institutions has struck a chord, particularly his observations about SaaS security. Opet didn't mince words: " SaaS models are fundamentally reshaping how companies integrate services and data—a subtle yet profound shift eroding decades of carefully architected security boundaries ." This statement encapsulates a reality that security professionals have been grappling with—the traditional security perimeter has dissolved, replaced by a complex web of interconnected SaaS applications, each with their own configurations, access controls, and data sharing capabilities. Let's break down the key issues highlighted in Opet's letter and explore practical solutions. The New SaaS Security Challenges OAuth Vulnerabiliti...

I have been a Star Wars fan since the moment I took my seat in the theatre and saw Princess Leia's rebel ship trying to outrun an Imperial Star Destroyer. It's impossible to see that movie (or its greatest successor, Andor ) and not take the side of the underdog rebels, who are determined to escape the iron fist of imperial control. Of course, in my work as a security professional, "control" is the name of the game. I've spent as much of my career trying to stop my own end-users from going outside the lines as I have trying to guard against malicious outsiders. I personally still think I'm the good guy, since my ultimate goal is to protect sensitive data, but I understand why IT and security teams are often seen as the bad guys. After all, we do operate according to something called the "rule of no." It's not great branding, and increasingly, it just isn't working. Here's the situation in 2025: we have a galaxy's worth of diverse applications, devices, and user identities accessing...

SaaS applications are the backbone of modern organizations, powering productivity and collaboration. However, they also introduce critical security risks—identity sprawl, misconfigurations, and an expanding attack surface. Identity providers have become a prime target for threat actors, prompting security teams to focus on protecting identities across multiple SaaS environments. To mitigate these risks, many organizations adopt SaaS Security Posture Management (SSPM) to harden configurations, enforce least-privilege access, and maintain visibility over human and non-human identities. SSPM is an essential preventive tool that improves cyber hygiene by reducing the attack surface. Yet prevention alone is not enough in today's evolving threat landscape. Identity Threat Detection and Response (ITDR) is crucial to bridge this gap and enable organizations to detect and respond fast to active threats targeting their identity infrastructure. The Growing Threat to SaaS Identities The rise i...

Across industries, businesses are focused on achieving key objectives such as: Driving sustainable revenue growth Reducing costs and improving efficiency Strengthening security and ensuring compliance Customer Identity and Access Management (CIAM) is central to these goals. A robust CIAM solution doesn't just enable seamless user authentication and access—it unifies identity across an organization's digital ecosystem. This ensures that customers can engage consistently across all channels while enabling sales, marketing, and support teams to leverage a single, authoritative view of each user. Moreover, outsourcing Customer Identity to an extensible CIAM platform enhances agility, freeing developers to focus on core applications. This results in faster development cycles, improved user experiences, and quicker time-to-market. From a security perspective, CIAM is critical for protecting user data, preventing identity-based threats, and meeting regulatory requirements. However, t...