Single Sign-On | Breaking Cybersecurity News | The Hacker News

Attackers are increasingly making use of "networkless" attack techniques targeting cloud apps and identities. Here's how attackers can (and are) compromising organizations – without ever needing to touch the endpoint or conventional networked systems and services.  Before getting into the details of the attack techniques being used, let's discuss why these attacks are becoming more prevalent.  SaaS adoption is changing the make-up of company IT  The SaaS revolution and  product-led growth  have had a huge impact on the structure of company networks, and where core business systems and data reside.  Most organizations today are using tens to hundreds of SaaS applications across business functions. Some are entirely SaaS-native, with no traditional network to speak of, but most have adopted a hybrid model with a mixture of on-premise, cloud, and SaaS services forming the backbone of business applications being used.  The bulk of SaaS adoption is user-driven, as opposed to centrally

The threat actor known as  Muddled Libra  has been observed actively targeting software-as-a-service (SaaS) applications and cloud service provider (CSP) environments in a bid to exfiltrate sensitive data. "Organizations often store a variety of data in SaaS applications and use services from CSPs," Palo Alto Networks Unit 42  said  in a report published last week. "The threat actors have begun attempting to leverage some of this data to assist with their attack progression, and to use for extortion when trying to monetize their work." Muddled Libra, also called Scatter Swine, Scattered Spider, Starfraud, and UNC3944, is a notorious cybercriminal group that has leveraged sophisticated social engineering techniques to gain initial access to target networks.  "Scattered Spider threat actors have historically evaded detection on target networks by using living off the land techniques and allowlisted applications to navigate victim networks, as well as frequen

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, 80% of breaches today use compromised identities, including cloud and SaaS credentials. Given this reality, IT security leaders need practical and effective  SaaS security solutions  designed to discover and manage their expanding SaaS footprint. Here are 5 key ways Nudge Security can help. Close the visibility gap Knowing the full scope of SaaS apps in use is the foundation of a modern IT governance program. Without an understanding of your entire SaaS footprint, you cannot say with confidence where your corporate IP is stored (Did someone sync their desktop to Dropbox?), you cannot make assumptions about your customer data (Did s

According to recent research on  employee offboarding , 70% of IT professionals say they've experienced the negative effects of incomplete IT offboarding, whether in the form of a security incident tied to an account that wasn't deprovisioned, a surprise bill for resources that aren't in use anymore, or a missed handoff of a critical resource or account. This is despite an average of five hours spent per departing employee on activities like finding and deprovisioning SaaS accounts. As the SaaS footprint within most organizations continues to expand, it is becoming exponentially more difficult (and time-consuming) to ensure all access is deprovisioned or transferred when an employee leaves the organization.  How Nudge Security can help Nudge Security is a  SaaS management platform  for modern IT governance and security. It discovers every cloud and SaaS account ever created by anyone in your organization, including generative AI apps, giving you a single source of truth for depa

If there's one thing all great SaaS platforms share in common, it's their focus on simplifying the lives of their end-users. Removing friction for users in a safe way is the mission of single sign-on (SSO) providers. With SSO at the helm, users don't have to remember separate passwords for each app or hide the digital copies of the credentials in plain sight. SSO also frees up the IT's bandwidth from handling recurring password reset requests while improving productivity for everyone in your organization. However, there is also a level of risk that comes with SSO capability.  How to protect against SSO fails Real-Life Risks Involved in SSO  While SSO facilitates ease of access to a great extent, it also comes with some amount of imminent risk. SSO is a good enabler of efficiency, but not the end-all security solution with its own flaws that allow for bypass. There's a specific class of vulnerability that Adam Roberts from the NCC Group detected in several SSO