Combatting Identity Threats
Device code attacks in Azure: From exploitation to detection
How attackers weaponize Microsoft's OAuth device code flow to steal tokens, bypass MFA, and maintain persistent access.The post Device code attacks in Azure: From exploitation to detection appeared first on Silverfort ...
When users say no: Turning MFA denials into threat intelligence
The click that could save you What if the most overlooked click in your security stack—a user denying an MFA prompt—was actually your best early warning sign of a real attack? Silverfort’s “User Denied ...
Canvas breach: An Identity Security action plan for education
If you work in education IT security, the news about Canvas hit differently. Instructure, the company behind the learning management system used by more than 8,000 universities and schools, suffered a major ...
Runtime. Runtime. Runtime. What CISOs and IAM leaders are calibrating after Mythos
Anthropic’s Mythos panicked the market, and after seeing what it does up close—running it against real enterprise environments alongside customers with access, and spending weeks in conversation with CISOs and IAM leaders who ...
Mythos, Spud, and beyond: When AI becomes the world’s best penetration tester
A research preview of an AI system quietly did something that makes every CISO reconsider their threat model. Without a human directing its steps, this new model identified thousands of zero-day vulnerabilities ...
NTLM Deprecation is Giving Us XP EOL Flashbacks: Are You Protected?
Microsoft recently announced the deprecation of NTLM protocol for Windows client. This falls in line with Microsoft’s encouragement to move away from NTLM due to the security risks it introduces – and acts ...
Identity Security Is the Key to Managing Manufacturers’ Supply Chain Cyber Risk
What’s the weakest link in a manufacturer’s security architecture? One of the common answers is ‘the one you can’t control’, with third-party access being the most prominent example. Supply chain attacks are ...
Beyond Passwords: Why Trusting Password Hygiene Isn’t Enough
Let’s discuss passwords and identity security. By entering a password that only you know, you are in theory “proving” to a system that you are who you claim to be. They have ...
Navigating Retail: Overcoming the Top 3 Identity Security Challenges
As retailers compete in an increasingly competitive marketplace, they invest a great deal of resources in becoming household names. But brand recognition is a double-edged sword when it comes to cybersecurity. The ...
Top 5 Evaluation Criteria For Choosing The Right ITDR Tool
Identity is now a top priority for security decision makers. The need to overcome malicious TTPs, such as credential access, privilege escalation and lateral movement, has never been more urgent. When over ...
