<?xml version="1.0"?>
<rss version="2.0"><channel><title>Stories: Stories</title><link>https://beta.jimiwikman.se/resources/stories/professional/interesting/security/?d=32</link><description>Stories: Stories</description><language>en</language><item><title>1Password Device Trust partners with Tailscale and Twingate</title><link>https://beta.jimiwikman.se/resources/stories/professional/interesting/security/1password-device-trust-partners-with-tailscale-and-twingate-r2275/</link><description><![CDATA[<p>
	Over the past few decades, securing remote access has become monumentally more complex. Remote work, with all of its benefits, has also furthered the threats of shadow IT and unauthorized remote access.
</p>

<p>
	Companies now need to secure their systems by guarding five pillars: identities, applications, devices, data, and networks.
</p>

<p>
	Even so, there’s a gap between the people, devices, and applications that we trust to access sensitive data, and those that actually do in practice (this is called the “Access-trust Gap”). As such, we created 1Password Extended Access Management® to give companies complete visibility and control over the user identities and devices that access their resources.
</p>
]]></description><guid isPermaLink="false">2275</guid><pubDate>Wed, 30 Oct 2024 10:50:19 +0000</pubDate></item><item><title>Guide:  The Ultimate Pentest Checklist for Full-Stack Security</title><link>https://beta.jimiwikman.se/resources/stories/professional/interesting/security/guide-the-ultimate-pentest-checklist-for-full-stack-security-r2247/</link><description><![CDATA[<p>
	Given the expanding attack surface coupled with the increasing sophistication of attacker tactics and techniques, penetration testing checklists have become essential for ensuring thorough assessments across an organization's attack surface, both internal and external. By providing a structured approach, these checklists help testers systematically uncover vulnerabilities in various assets like networks, applications, APIs, and systems.
</p>

<p>
	They ensure no critical area is overlooked and guide the testing process, making it more efficient and effective at identifying security weaknesses that could be exploited by attackers. A pentest checklist essentially leaves no stone unturned: it is a detailed and comprehensive list of every type of vulnerability against which to simulate an attack.
</p>
]]></description><guid isPermaLink="false">2247</guid><pubDate>Tue, 22 Oct 2024 07:25:28 +0000</pubDate></item><item><title>Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers</title><link>https://beta.jimiwikman.se/resources/stories/professional/interesting/security/researchers-discover-severe-security-flaws-in-major-e2ee-cloud-storage-providers-r2233/</link><description><![CDATA[<p>
	Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to leak sensitive data.
</p>

<p>
	"The vulnerabilities range in severity: in many cases a malicious server can inject files, tamper with file data, and even gain direct access to plaintext," ETH Zurich researchers Jonas Hofmann and Kien Tuong Truong <a href="https://brokencloudstorage.info/" rel="external nofollow" target="_blank">said</a>. "Remarkably, many of our attacks affect multiple providers in the same way, revealing common failure patterns in independent cryptographic designs."
</p>

<p>
	The identified weaknesses are the result of an analysis of five major providers: Sync, pCloud, Icedrive, Seafile, and Tresorit. The devised attack techniques hinge on a malicious server under an adversary's control, which could then be used to target the service providers' users.
</p>
]]></description><guid isPermaLink="false">2233</guid><pubDate>Mon, 21 Oct 2024 07:12:47 +0000</pubDate></item><item><title>Acronym Overdose &#x2013; Navigating the Complex Data Security Landscape</title><link>https://beta.jimiwikman.se/resources/stories/professional/interesting/security/acronym-overdose-%E2%80%93-navigating-the-complex-data-security-landscape-r2229/</link><description><![CDATA[<p>
	In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together an effective security strategy. This article aims to demystify some of the most important acronyms in data security today and offer practical guidance to help businesses navigate the data security landscape and protect their most valuable assets with confidence.
</p>
]]></description><guid isPermaLink="false">2229</guid><pubDate>Sun, 20 Oct 2024 09:36:53 +0000</pubDate></item><item><title>Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials</title><link>https://beta.jimiwikman.se/resources/stories/professional/interesting/security/hackers-exploit-roundcube-webmail-xss-vulnerability-to-steal-login-credentials-r2228/</link><description><![CDATA[<p>
	Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials.
</p>

<p>
	Russian cybersecurity company Positive Technologies said it discovered last month that an email was sent to an unspecified governmental organization located in one of the Commonwealth of Independent States (CIS) countries. However, it bears noting that the message was originally sent in June 2024.
</p>
]]></description><guid isPermaLink="false">2228</guid><pubDate>Sun, 20 Oct 2024 09:27:13 +0000</pubDate></item><item><title>Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity</title><link>https://beta.jimiwikman.se/resources/stories/professional/interesting/security/hackers-abuse-edrsilencer-tool-to-bypass-security-and-hide-malicious-activity-r2212/</link><description><![CDATA[<p>
	Threat actors are attempting to abuse the open-source EDRSilencer tool as part of efforts to tamper with endpoint detection and response (EDR) solutions and hide malicious activity.
</p>

<p>
	Trend Micro said it detected "threat actors attempting to integrate EDRSilencer in their attacks, repurposing it as a means of evading detection."
</p>
]]></description><guid isPermaLink="false">2212</guid><pubDate>Thu, 17 Oct 2024 06:40:03 +0000</pubDate></item><item><title>Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk</title><link>https://beta.jimiwikman.se/resources/stories/professional/interesting/security/critical-kubernetes-image-builder-vulnerability-exposes-nodes-to-root-access-risk-r2211/</link><description><![CDATA[<p>
	A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances.
</p>

<p>
	The vulnerability, tracked as <a href="https://github.com/advisories/GHSA-9224-ggvw-wh7v" rel="external nofollow"><strong>CVE-2024-9486</strong></a> (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability.
</p>
]]></description><guid isPermaLink="false">2211</guid><pubDate>Thu, 17 Oct 2024 06:39:20 +0000</pubDate></item></channel></rss>
