Credential-stealing Chrome extensions target enterprise HR platforms

Malicious Chrome extensions on the Chrome Web Store masquerading as productivity and security tools for enterprise HR and ERP ...

Mandiant releases rainbow table that cracks weak admin password in 12 hours

Security firm Mandiant has released a database that allows any administrative password protected by Microsoft’s NTLM.v1 hash ...
Network World

The perfect certificate migration until it wasn’t: How certificates can break RADIUS trusts

RADIUS didn’t fail — certificate trust did, proving one forgotten root CA can bring modern network access to a full stop.
Microsoft

Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations

Microsoft’s investigation into RedVDS services and infrastructure uncovered a global network of disparate cybercriminals ...
Cloud Security Alliance

Reimagining the Browser as a Critical Policy Enforcement Point: A Zero Trust Security Architecture for Modern Enterprises

Explores turning the browser into a policy enforcement point within a Zero Trust framework, covering governance, MFA, device ...

ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...