Permissions matter for SaaS Security – Why?
Earlier this year, attackers compromised Mailchimp, a popular SaaS email marketing platform. We examined over 300 Mailchimp customer accounts and exported audience data from 102 of them. The compromise was preceded by a successful phishing attempt that launched a malicious attack against an end-user of a Mailchimp customer. Three months later, Mailchimp suffered another attack. […]
Lets talk about Supply Chain Attacks and Cloud Native
The past couple of years have seen an upward push in software supply chain attack, with the maximum salient example being the SolarWinds attack. As production environments have gained a couple of layers of safety, and lots of the attention of safety groups, malicious actors have set their points of interest on “poisoning the properly”, […]