Mattermost 5.8: MFA for Team Edition, LDAP group sync, improved image performance and more
Mattermost 5.8 is full of new features that will help your team get more done in less time.
The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Mattermost 5.8 is full of new features that will help your team get more done in less time.
One of the great things about Kubernetes is that it completely separates authentication and authorization. Authentication (Authn) meaning the act of identifying who the user is and authorization (Authz) meaning the act of working out if they’re allowed to perform some action. This can be thought of in terms of a Passport and a Visa.
As part of our continuing security program here at BugSplat, we’re switching to an authentication service called Auth0 for all of our account logins. Auth0 is a universal authentication and authorization platform that supports customer-requested features like federated logins, which means authenticating with a different provider, and Multi-Factor Authentication (MFA) which is a two-step login protocol requiring separate verification from a mobile device to access your account.
CFEngine is very simple to set up and use, especially if all of the clients and the hub are going to be using the same promises. But what if there are certain things you want to enforce on a hub and not a client? What if there are certain things you want to enforce on a client but not on a hub?
If you thought masked hackers in dark rooms spreading malware were your only security concern, think again. In its Insider Threat Report for 2018, Crowd Research Partners brought to light that almost 90 percent of organizations find themselves vulnerable to insider threats. What’s worse is that 50 percent of these organizations experienced an insider attack in 2018.
Earlier today, CVE-2019-5736 was announced regarding a runC container breakout. Given the high CVSS rating of 7.2, it is imperative to quickly patch your systems.
Chances are you’ve heard of traditional credential-based attacks on Active Directory (AD) and cloud applications—brute force attacks, dictionary attacks, and keylogging, to name a few. There’s now another attack type you should familiarize yourself with: password spray attacks. In this blog, we’ll analyze why you should be wary of them and the best way to tackle them.