Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

miniorange

Flexible Login Options for Shopify B2B - SSO, Social Login & More

Sep 9, 2025 By Saloni Walimbe In miniOrange
Struggling with login restrictions on Shopify B2B stores? Learn how to enable custom authentication for Shopify B2B customers and support multiple login methods (Email-Password, Phone-OTP Login, Social Login, Single Sign-On, etc.) for Shopify Customer Accounts with miniOrange solutions.
Read Post
Featured Post
Manufacturing's Hidden Cyber Threat: The Growing Danger of Unsecured Machine Identities

Manufacturing's Hidden Cyber Threat: The Growing Danger of Unsecured Machine Identities

Sep 7, 2025 By Dave McGrail, Head of Business Consultancy, Xalient and Jon Neal, EMEA Field CTO, Saviynt In Xalient
The wave of smart manufacturing is sweeping across the industry, bringing with it a seismic shift that is characterized by hyper-connectivity, relentless automation and unprecedented data-driven precision. However, manufacturing plants and factories are not just filled with machines; they're teeming with thousands of non-human identities (NHIs) from robotic arms and programmable logic controllers (PLCs) to IoT and IIoT sensors seamlessly integrated through the production lines. While they drive operational efficiency, they also represent a rapidly expanding and often invisible attack service.
Read Post
cyberark

Defeating Microsoft EPM in the Race to Admin: a Tale of a LPE vulnerability

Sep 4, 2025 By Rotem Salinas In CyberArk
Not too long ago I read an interesting blogpost by SpecterOps about Microsoft EPM that got my attention as I was not aware of this Microsoft product/feature. It was interesting to learn that Microsoft expanded into the realm of Endpoint Privilege Management and since this means that there must be some service/driver running with high privileges that elevates low-privileged processes, I thought there could be potential vulnerabilities and bugs.
Read Post
cyberark

Cheaters never win: large-scale campaign targets gamers who cheat with StealC and cryptojacking

Sep 4, 2025 By Ari Novick In CyberArk
A sprawling cyber campaign is turning gamers’ hunger to gain an edge into a massive payday for threat actors who are leveraging over 250 malware samples to steal credentials and cryptocurrencies. The operation has already netted wallets containing more than US$135,000. In this blog post, we will delve into a specific infection instance, explore its mechanisms. and share indicators of compromise (IoCs).
Read Post
Xalient appoints Andrew Critchley to accelerate Identity Strategy and Global Identity Managed Services

Xalient appoints Andrew Critchley to accelerate Identity Strategy and Global Identity Managed Services

Sep 3, 2025 By Xalient In Xalient
Xalient announces the appointment of Andrew Critchley as Head of UK Identity Practice and Global Identity Managed Services. Andrew is a recognized IAM Subject Matter Expert with a strong track record in developing and scaling identity services across global enterprises.
Read Post
cyberark

Salesloft Drift incident overview and CyberArk's response

Sep 3, 2025 By Dor Liniado In CyberArk
It was recently reported that Salesloft’s Drift application was breached, allowing unauthorized access to its customers’ Salesforce data and affecting hundreds of organizations, including CyberArk. Upon learning of this incident, we quickly deployed threat containment measures, including terminating our Salesforce–Drift connection; disabling the Drift application and revoking all related user credentials; and rotating all Salesforce integration credentials.
Read Post
miniorange

SMS, Email, TOTP or Push? How to Choose the Right 2FA Method for Your Atlassian Users

Sep 2, 2025 By Akshay Kedari In miniOrange
Choosing the right multi-factor authentication (MFA) method can be a tricky decision for Atlassian admins. With options like SMS, Email, TOTP, and Push notifications, each comes with its own benefits and trade-offs. Let’s understand the strengths and weaknesses of different MFA methods.
Read Post
cyberark

Securing cloud console and CLI access for agile software development

Sep 2, 2025 By Sunit Randhawa and Prashant Tyagi In CyberArk
Fast-moving cloud environments demand speed, but without the right access controls they invite risk. Resources such as virtual machines, containers, and services are created, modified, and terminated at a rapid pace. At the same time, workloads are becoming increasingly distributed, with data and applications spanning multiple regions, accounts, and even across different cloud service providers (CSPs).
Read Post

Safeguard: Using the double-edged sword of AI for good

Aug 29, 2025 By One Identity by Quest In One Identity
Examine the function of AI in security tools, and how this double-edged sword can be used for good or ill in the cybersecurity sphere. Plus, see its integration into an identity fabric and get a glimpse into its responsible use – paired with the human element – in One Identity Safeguard.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.