Written by ArmorCode. An S3 bucket is a fundamental resource in Amazon Web Services (AWS) for storing and managing data in the cloud. S3 stands for “Simple Storage Service,” providing scalable, durable, and highly available object storage. S3 is widely used for various purposes, such as storing backups, hosting static websites, serving as a data lake for...
Written by Wing Security. Offboarding employees may seem like a routine administrative task, but the security risks it poses are anything but ordinary. In today’s interconnected digital landscape, failing to properly revoke access for departing employees can lead to catastrophic data breaches, compliance violations, and intellectual property theft. Let’s...
Originally published by Oasis Security. Written by Joel McKown, Solutions Engineer, Oasis Security. There are many inevitabilities in technology, among them is that rapid innovation will introduce unique risks and 3 letter acronyms will abide. Generative AI conversations have become top of mind, as business races to find the most value from a new technological arena...
Originally published by Cyera. Healthcare organizations face rising cybersecurity threats looking to exfiltrate patient data. This article explores major healthcare data breaches, the value of stolen medical info, and how data security posture management (DSPM) solutions provide comprehensive data mapping, classification, monitoring, and access controls to secure...
Originally published by Oasis Security. Written by Roey Rozi, Director of Solutions Architecture, Oasis Security. Cloudflare disclosed on February 2nd that it had been breached by a suspected nation-state attacker. This breach exploited multiple unrotated and exposed secrets. The chain of events began with the Okta breach in October 2023, during which the attacker...
Figure 2 – The events driving our dailies workflow example The lifetime of authorization rules is set according to the security requirements of the production. In the case where the production has decided on more of a “least-privilege” approach using short-lifetime authorization rules, many of the events in the workflow could trigger security authorization changes...
Originally published by Adaptive Shield. Written by Hananel Livneh. Last month, The Verge reported on an amusing story of abusing Slack in a design, technology, science, and science fiction website. Tom McKay of IT Brew successfully hid on Slack after leaving the company in 2022 by assuming the persona of “Slackbot,” remaining undetected by management for...