Threat Post

SaaS Attacks: Lessons from Real-Life Misconfiguration Exploits

There is a way to protect users from deceptive OAuth apps, misconfigurations and misappropriated user permissions. SaaS Security Posture Management (SSPM) takes an automated approach to tracking, and ...
Dark Reading

What the AppSec Penetration Test Found

It should come as no surprise that misconfigured security by far remains the most common flaw found in applications today with the wave of exposed Amazon Web Services S3 buckets, HTTPS pages, and ...
CSOonline

Group permission misconfiguration exposes Google Kubernetes Engine clusters

It's easy for admins to misunderstand what GKE considers authenticated users and set permissions that could allow anyone with a Google account to access their systems. Researchers warn that many ...