#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

Identity Management | Breaking Cybersecurity News | The Hacker News

Category — Identity Management
It's Time To Untangle the SaaS Ball of Yarn

It's Time To Untangle the SaaS Ball of Yarn

Aug 21, 2024 SaaS Security / Data Security
It's no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely on cloud-based and remote applications to conduct our basic functions, with the result that the only true perimeter of our networks has become the identities with which we log into these services. Unfortunately – as is so often the case – our appetite for better workflows, collaboration, and communications outpaced our willingness to make sure these tools and processes were secure as we hooked them into our environments, handing off our control of the security of our data. Each of these applications asks for various amounts of permissions into our data, which often rely on other vendors' services, creating not a network, but a tangle of interdependent intricacies that has become so complex most security and IT teams don't even know how many SaaS applications are connected in, let alone what they are or their access permissi...
Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information

Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information

Aug 20, 2024 Enterprise Security / Data Breach
Cybersecurity researchers are warning about the discovery of thousands of externally-facing Oracle NetSuite e-commerce sites that have been found susceptible to leaking sensitive customer information. "A potential issue in NetSuite's SuiteCommerce platform could allow attackers to access sensitive data due to misconfigured access controls on custom record types (CRTs)," AppOmni's Aaron Costello said . It's worth emphasizing here that the issue is not a security weakness in the NetSuite product, but rather a customer misconfiguration that can lead to leakage of confidential data. The information exposed includes full addresses and mobile phone numbers of registered customers of the e-commerce sites. The attack scenario detailed by AppOmni exploits CRTs that employ table-level access controls with the "No Permission Required" access type, which grants unauthenticated users access to data by making use of NetSuite's record and search APIs. That sa...
Product Walkthrough: How Satori Secures Sensitive Data From Production to AI

Product Walkthrough: How Satori Secures Sensitive Data From Production to AI

Jan 20, 2025Data Security / Data Monitoring
Every week seems to bring news of another data breach, and it's no surprise why: securing sensitive data has become harder than ever. And it's not just because companies are dealing with orders of magnitude more data. Data flows and user roles are constantly shifting, and data is stored across multiple technologies and cloud environments. Not to mention, compliance requirements are only getting stricter and more elaborate.  The problem is that while the data landscape has evolved rapidly, the usual strategies for securing that data are stuck in the past. Gone are the days when data lived in predictable places, with access controlled by a chosen few. Today, practically every department in the business needs to use customer data, and AI adoption means huge datasets, and a constant flux of permissions, use cases, and tools. Security teams are struggling to implement effective strategies for securing sensitive data, and a new crop of tools, called data security platforms, have appear...
Identity Threat Detection and Response Solution Guide

Identity Threat Detection and Response Solution Guide

Aug 15, 2024 Identity Security / Threat Detection
The Emergence of Identity Threat Detection and Response Identity Threat Detection and Response (ITDR) has emerged as a critical component to effectively detect and respond to identity-based attacks. Threat actors have shown their ability to compromise the identity infrastructure and move laterally into IaaS, Saas, PaaS and CI/CD environments. Identity Threat Detection and Response solutions help organizations better detect suspicious or malicious activity in their environment. ITDR solutions give security teams the ability to help teams answer the question "What's happening right now in my environment - what are my identities doing in my environments." Human and Non-Human Identities As outlined in the ITDR Solution Guide, comprehensive ITDR solutions cover both human and non-human identities. Human identities entail the workforce (employees), guests (contractors), and vendors. Non-human identities include tokens, keys, service accounts, and bots. Multi- environment ITDR solutions c...
cyber security

2024: A year of identity attacks | Get the new ebook

websitePush SecurityIdentity Security
Identity attacks were the leading cause of breaches in 2024. Learn how tooling and techniques are evolving.
Suspicious Minds: Insider Threats in The SaaS World

Suspicious Minds: Insider Threats in The SaaS World

Aug 06, 2024 SaaS Security / Threat Detection
Everyone loves the double-agent plot twist in a spy movie, but it's a different story when it comes to securing company data. Whether intentional or unintentional, insider threats are a legitimate concern. According to CSA research , 26% of companies who reported a SaaS security incident were struck by an insider.  The challenge for many is detecting those threats before they lead to full breaches. Many security professionals assume there is nothing they can do to protect themselves from a legitimate managed user who logs in with valid credentials using a company MFA method. Insiders can log in during regular business hours, and can easily justify their access within the application.  Cue the plot twist: With the right tools in place, businesses can protect themselves from the enemy from within (and without).  Learn how to secure your entire SaaS stack from both internal and external threats Subduing Identity-Centric Threats with ITDR  In SaaS security, an Ide...
Threat Prevention & Detection in SaaS Environments - 101

Threat Prevention & Detection in SaaS Environments - 101

Jul 16, 2024 SaaS Security / Identity Management
Identity-based threats on SaaS applications are a growing concern among security professionals, although few have the capabilities to detect and respond to them.  According to the US Cybersecurity and Infrastructure Security Agency (CISA), 90% of all cyberattacks begin with phishing, an identity-based threat. Throw in attacks that use stolen credentials, over-provisioned accounts, and insider threats, and it becomes quite clear that identity is a primary attack vector. To make matters worse, it's not just human accounts that are being targeted. Threat actors are also hijacking non-human identities, including service accounts and OAuth authorizations, and riding them deep into SaaS applications.  When threat actors get through the initial defenses, having a robust Identity Threat Detection and Response (ITDR) system in place as an integral part of Identity Security can prevent massive breaches. Last month's Snowflake breach is a perfect example. Threat actors took advanta...
Streamlined Security Solutions: PAM for Small to Medium-sized Businesses

Streamlined Security Solutions: PAM for Small to Medium-sized Businesses

Jul 11, 2024 Compliance / Identity Management
Today, all organizations are exposed to the threat of cyber breaches, irrespective of their scale. Historically, larger companies were frequent targets due to their substantial resources, sensitive data, and regulatory responsibilities, whereas smaller entities often underestimated their attractiveness to hackers. However, this assumption is precarious, as cybercriminals frequently exploit perceived vulnerabilities in smaller firms for expedient profit.  Small to medium-sized organizations often lack the resources and expertise for robust privileged identity management . Yet they increasingly require PAM solutions. Fortunately, the market now offers numerous vendors specializing in these needs. Recognizing the demand for accessible solutions, these vendors provide affordable options tailored to organizations aiming to meet stringent compliance standards or enhance security practices, requiring minimal installation and maintenance to gain full access controls .  To enhance t...
Combatting the Evolving SaaS Kill Chain: How to Stay Ahead of Threat Actors

Combatting the Evolving SaaS Kill Chain: How to Stay Ahead of Threat Actors

Jun 28, 2024 Cybersecurity / Cloud Security
The modern kill chain is eluding enterprises because they aren't protecting the infrastructure of modern business: SaaS .  SaaS continues to dominate software adoption , and it accounts for the greatest share of public cloud spending. But enterprises and SMBs alike haven't revised their security programs or adopted security tooling built for SaaS.  Security teams keep jamming on-prem pegs into SaaS security holes  The mature security controls CISOs and their teams depended on in the age of on-prem dominance have vanished. Firewalls now protect a small perimeter, visibility is limited, and even if SaaS vendors offer logs, security teams need homegrown middleware to digest them and push into their SIEM.  SaaS vendors do have well-defined security scopes for their products, but their customers must manage SaaS compliance and data governance, identity and access management (IAM), and application controls — the areas where most incidents occur. While this SaaS shared...
Lessons from the Snowflake Breaches

Lessons from the Snowflake Breaches

Jun 12, 2024 Data Breach / Identity Management
Last week, the notorious hacker gang, ShinyHunters, sent shockwaves across the globe by allegedly plundering 1.3 terabytes of data from 560 million users. This colossal breach, with a price tag of $500,000, could expose the personal information of a massive swath of a live event company's clientele, igniting a firestorm of concern and outrage.  Let's review the facts: two large organizations announced that they suffered a data breach, identifying unauthorized activity within a third-party cloud database environment. The accessed business records contained critical information on some employees, a large number of customers and other key business data.  The cloud connection  What might link these two breaches is the cloud data company Snowflake, which counts among its users both organizations. Snowflake did publish a warning with CISA , indicating a "recent increase in cyber threat activity targeting customer accounts on its cloud data platform." Snowflake issued a reco...
The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield

The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield

May 13, 2024 Browser Security / Data Protection
With the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber attackers. From account takeovers to malicious extensions to phishing attacks, the browser is a means for stealing sensitive data and accessing organizational systems. Security leaders who are planning their security architecture require data and insights into the browser threat landscape. Recently, LayerX released the " Annual Browser Security Report 2024 ", providing an in-depth analysis of the evolving threat landscape for browser security.  This comprehensive report highlights the critical vulnerabilities and attack vectors that pose the greatest risks to enterprise security. It allows decision-makers and stakeholders to benchmark the security challenges of their environment so they can make actionable decisions. Below, we detail key findings from the report and a summarized list of security recommend...
How Attackers Can Own a Business Without Touching the Endpoint

How Attackers Can Own a Business Without Touching the Endpoint

Apr 19, 2024 Identity Protection / Endpoint Security
Attackers are increasingly making use of "networkless" attack techniques targeting cloud apps and identities. Here's how attackers can (and are) compromising organizations – without ever needing to touch the endpoint or conventional networked systems and services.  Before getting into the details of the attack techniques being used, let's discuss why these attacks are becoming more prevalent.  SaaS adoption is changing the make-up of company IT  The SaaS revolution and  product-led growth  have had a huge impact on the structure of company networks, and where core business systems and data reside.  Most organizations today are using tens to hundreds of SaaS applications across business functions. Some are entirely SaaS-native, with no traditional network to speak of, but most have adopted a hybrid model with a mixture of on-premise, cloud, and SaaS services forming the...
Identity in the Shadows: Shedding Light on Cybersecurity's Unseen Threats

Identity in the Shadows: Shedding Light on Cybersecurity's Unseen Threats

Apr 16, 2024 Cloud Security / Threat Intelligence
In today's rapidly evolving digital landscape, organizations face an increasingly complex array of cybersecurity threats. The proliferation of cloud services and remote work arrangements has heightened the vulnerability of digital identities to exploitation, making it imperative for businesses to fortify their identity security measures. Our recent research report,  The Identity Underground Report , offers valuable insights into the challenges and vulnerabilities organizations encounter in managing digital identities. The report paints a vivid picture of the "hidden" identity security liabilities where attackers leverage Identity Threat Exposures (ITEs) such as forgotten user accounts and misconfigurations to breach organizations' defenses, with each ITE posing a significant threat to organizations' security posture. Discover the most common identity security gaps that lead to compromises in the first-ever threat report focused entirely on the prevalence of...
Expert Insights / Articles Videos
Cybersecurity Resources