Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

cyberark

Why secret sprawl may be your biggest security threat (and how to help fix it)

Sep 9, 2025 By Matt Barker In CyberArk
Picture this: You’re having your morning coffee when your phone buzzes with the kind of alert that makes security professionals break into a cold sweat. A single API key, leaked on GitHub months ago, has just given attackers a VIP pass to your entire infrastructure. Sound familiar? It should. The 2024 U.S. Treasury breach started exactly this way. One compromised machine identity opened the floodgates.
Read Post
cyberark

Defeating Microsoft EPM in the Race to Admin: a Tale of a LPE vulnerability

Sep 4, 2025 By Rotem Salinas In CyberArk
Not too long ago I read an interesting blogpost by SpecterOps about Microsoft EPM that got my attention as I was not aware of this Microsoft product/feature. It was interesting to learn that Microsoft expanded into the realm of Endpoint Privilege Management and since this means that there must be some service/driver running with high privileges that elevates low-privileged processes, I thought there could be potential vulnerabilities and bugs.
Read Post
cyberark

Cheaters never win: large-scale campaign targets gamers who cheat with StealC and cryptojacking

Sep 4, 2025 By Ari Novick In CyberArk
A sprawling cyber campaign is turning gamers’ hunger to gain an edge into a massive payday for threat actors who are leveraging over 250 malware samples to steal credentials and cryptocurrencies. The operation has already netted wallets containing more than US$135,000. In this blog post, we will delve into a specific infection instance, explore its mechanisms. and share indicators of compromise (IoCs).
Read Post
cyberark

Salesloft Drift incident overview and CyberArk's response

Sep 3, 2025 By Dor Liniado In CyberArk
It was recently reported that Salesloft’s Drift application was breached, allowing unauthorized access to its customers’ Salesforce data and affecting hundreds of organizations, including CyberArk. Upon learning of this incident, we quickly deployed threat containment measures, including terminating our Salesforce–Drift connection; disabling the Drift application and revoking all related user credentials; and rotating all Salesforce integration credentials.
Read Post
cyberark

Securing cloud console and CLI access for agile software development

Sep 2, 2025 By Sunit Randhawa and Prashant Tyagi In CyberArk
Fast-moving cloud environments demand speed, but without the right access controls they invite risk. Resources such as virtual machines, containers, and services are created, modified, and terminated at a rapid pace. At the same time, workloads are becoming increasingly distributed, with data and applications spanning multiple regions, accounts, and even across different cloud service providers (CSPs).
Read Post
cyberark

Declutter your crypto: Machine identity security for a post-quantum world

Aug 27, 2025 By Kevin Bocek In CyberArk
In a bad dream, you open the closet. You think you know exactly what’s in there: a few SSH keys, a bunch of TLS certificates, and some secrets like API keys locked in what you believe to be a safe place. But pull it all out and suddenly you find yourself face-to-face with stacks of forgotten ciphers, drawers stuffed with expired certificates, and algorithms in use you thought teams had left behind in 2011. And that’s just for one application.
Read Post

EP 14 - Beyond secrets: Securing the future of machine identity

Aug 27, 2025 By CyberArk In CyberArk
In this episode of Security Matters, host David Puner sits down with Matt Barker, CyberArk’s VP and Global Head of Workload Identity Architecture, for a deep dive into the exploding world of machine identities and the urgent need to rethink how to secure them. From his journey co-founding Jetstack and creating Cert Manager to leading CyberArk’s efforts in workload identity, Matt shares insights on why secrets-based security is no longer sustainable—and how open standards like SPIFFE are reshaping the future of cloud-native and AI-driven environments.
View Video
cyberark

A CISO's guide to post-quantum readiness: How to build crypto agility now

Aug 20, 2025 By Erez Waisbard In CyberArk
The quantum threat isn’t theoretical—it’s operational. Quantum computing is rapidly shifting from research to reality, forcing chief information security officers (CISOs) to rethink cryptography, risk management and long-term data protection. In a previous post, I explained the quantum challenge. Recently, we explored why quantum readiness is not optional. Now, it’s time for action.
Read Post
cyberark

How external attackers and malicious insiders exploit standing privileges in the cloud

Aug 18, 2025 By Brooke Jameson In CyberArk
For many of us, the term “cloud security breach” conjures meticulous attack plans executed by sophisticated criminal syndicates. But in reality, “attacks” can be far more mundane: maybe some forgotten credentials, a few default permissions, or a user whose cleanup to-do list never got done. At the center of these incidents are standing privileges: long-lived access rights originally granted for legitimate tasks.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.