Overview Identity and privilege controls are now as important to breach prevention as perimeter defenses. If credentials are the keys, then privilege management determines how many doors those keys can open and for how long. The Business Problem: Excessive and…
In 2022, users at over 130 organizations were duped into providing their credentials to a fake Single Sign-On page. The phishing campaign sent text messages urging recipients to verify their Multi-Factor Authentication (MFA) credentials via a link to a fake…
Overview In the hybrid workplace, Microsoft Intune is more than a convenience; it’s the control plane for managing and securing the devices that connect to corporate resources. Whether laptops, mobile phones, or tablets, Intune ensures endpoints are compliant, protected, and…
In October 2023, a network appliance and software vendor announced that a critical vulnerability had been exploited on a version of their operating system and released an update to patch the security flaw. In February 2025, 16 months after the…
In February 2024 a municipal government suffered a major ransomware attack after threat actors exploited a vulnerability in an externally exposed internet-facing server. The attackers gained access to the system and conducted covert reconnaissance before deploying ransomware that encrypted critical infrastructure. A post-incident review…
In February 2024, a major U.S. healthcare technology provider was compromised by a ransomware group that gained access through a remote access portal lacking multi-factor authentication (MFA). The attackers used stolen credentials to enter the network, moved laterally across systems,…
Overview Today’s cyber incidents are no longer confined to IT systems. A ransomware attack, credential compromise, or supply chain intrusion can cascade through interconnected systems, disrupting manufacturing operations, halting customer transactions, triggering compliance investigations, and eroding public trust. Yet, in…
Every gap between cloud workloads, on-premises data centers, SaaS applications, campus networks, and remote endpoints is an opportunity for attackers. Yet, most organizations have security infrastructure consisting of a patchwork of tools each with its own console and policies. Fragmented…
