Microsoft has disabled Basic authentication in Exchange Online tenants to help fight against password spray attacks. Attackers are stepping up attacks in anticipation, Microsoft warns.
Palo Alto Networks has issued a Critical security advisory for PAN-OS authentication bypass in SAML authentication vulnerability CVE-2020-2021.
The Open Web Application Security Project (OWASP) has released its OWASP API Security Top 10 2019. This is the first version of the API Top 10. OWASP will likely update the guidelines every three to fours years, similar to the other OWASP Top 10 series.
The National Institute of Standards and Technology (NIST) has releases its Security Publication (SP) 800-177 Revision 1, that include security guidelines and recommendations for achieving “trustworthy email”.
Gentoo provided a new security update that describes the impact and root cause of its recent GitHub Linux distribution repository hacking incident.
To help organizations prepare for Internet of Things (IoT) threats, we outline some key security recommendations for IoT authorization, authentication and access control.