The Last Watchdog

JANUARY 25, 2021

SolarWinds and Mimecast are long-established, well-respected B2B suppliers of essential business software embedded far-and-wide in company networks. Dornbush: The big takeaway is that third-party risk is real and not likely to be measurable via a standard form or checklist. Businesses are target-able entities.

Hacking 228

Hacking B2B Authentication Software 228

Security Affairs

OCTOBER 5, 2023

Researcher discovered that global B2B CRM provider Really Simple Systems exposed online a non-password-protected database with million records. Upon further research, records indicated that the database belonged to global B2B CRM provider Really Simple Systems. Jeremiah finds and reports data breaches and vulnerabilities.

Data breaches 113

Data breaches B2B Education Identity Theft 113

eSecurity Planet

APRIL 9, 2024

These checklists include security standards and best practices for SaaS and cloud applications, and B2B SaaS providers use them to guarantee that their solutions match customer security standards. Is data encrypted in transit and at rest? Do you understand the potential risks connected with each provider’s integration points?

Risk 86

Risk Threat Detection Data breaches Encryption 86

The Last Watchdog

AUGUST 6, 2018

Related podcast: Why identities are the new firewall. To combat this issue, adaptive authorization policies need to be implemented and enforced; access can be conditional, taking into account risk. In the B2B world, a company should never provision a password to a third-party.

Digital transformation 181

Digital transformation Passwords Data breaches Authentication 181

eSecurity Planet

JULY 6, 2021

Like SolarWinds, both companies serve large B2B audiences, where Kaseya’s products produce hundreds of end products and services. The Ransomware-as-a-Service (RaaS) gang infiltrated Kaseya’s server, moved to client networks, and executed ransomware encryption to lock end-client networks. Managing supply chain risk.

Ransomware 114

Ransomware B2B Software System Administration 114

eSecurity Planet

JULY 28, 2021

Since the 1970s, Public Key Infrastructure (PKI) has offered encryption , authentication, bootstrapping, and digital signatures to secure digital communications. As encryption methods go, AES-128 and RSA-2048 are vulnerable to quantum attacks. For every digital asset – configuration, firewall rules, VM images, etc. Block Armour.

Cybersecurity 135

Cybersecurity Cryptocurrency Technology Energy and Utilities 135

SecureList

DECEMBER 10, 2020

Should this information fall into the wrong hands, it would not only be problematic for the company, but would put the employer’s own privacy at risk. Working from home and using personal devices only compounds these risks, particularly when employees are not taught the appropriate cybersecurity policies or given the right tools.

Scams 57

Scams Passwords Phishing Internet 57