saas security

As organisations across Australia and globally embrace the cloud to streamline operations and enable seamless collaboration, the question of security has never been more urgent. Cloud platforms like Microsoft 365, Google Workspace, AWS, and Azure have become central to business operations—but so...

Security researchers have recently identified a critical vulnerability within Microsoft Entra ID, formerly known as Azure Active Directory, that enables attackers to escalate their privileges to Global Administrator status. This flaw poses a significant threat to organizations relying on...

Phishing attacks remain a relentless challenge in the digital security landscape, and for organizations relying on Microsoft 365, the stakes have never been higher. As business email compromise, credential theft, and weaponized attachments evolve—often powered by artificial intelligence—security...

As organizations march deeper into the era of AI-driven transformation, the paramount question for enterprise IT leaders is no longer whether to adopt artificial intelligence, but how to secure the vast torrents of sensitive data that these tools ingest, generate, and share. The arrival of the...

For millions accustomed to beginning their day by checking email, the morning brought an unwelcome disruption. Outlook, Microsoft's globally dominant email service, suffered a major outage that left users locked out of their mailboxes, unable to send or receive messages, and questioning the...

Recent revelations surrounding a critical Local File Inclusion (LFI) vulnerability in Microsoft 365’s Export to PDF functionality have cast an intense spotlight on the hidden complexities and lingering security risks inherent even in feature-rich, enterprise-grade cloud platforms. The...

Artificial intelligence’s growing influence in the business world is increasingly coming with a sharp edge, as demonstrated by a recent report from identity management giant Okta. The convergence of easily accessible AI-powered web development tools and the rising sophistication of threat actors...

In a landscape rapidly reshaped by artificial intelligence, organizations face unprecedented challenges in protecting sensitive data while harnessing the power of advanced digital tools. Enterprises pushing deeper into AI realize that their most valuable asset—information—has become more exposed...

Varonis Systems and Microsoft have announced a strategic partnership aimed at enhancing data security, governance, and compliance for organizations adopting artificial intelligence (AI) technologies. This collaboration seeks to integrate Varonis' Data Security Platform with Microsoft's suite of...

A new wave of phishing attacks has cast a harsh spotlight on the security assumptions underlying Microsoft 365, as cybercriminals adapt with alarming speed to exploit lesser-known features. Over the past two months, a sophisticated campaign has targeted more than 70 organizations across critical...

Microsoft’s cloud ecosystem continues to underpin enterprise digital transformation—yet the discovery and persistence of the nOAuth vulnerability within Entra-integrated applications shines a harsh light on lingering risks at the intersection of identity management, software-as-a-service, and...

A critical authentication flaw within Microsoft’s Entra ID ecosystem continues to threaten tens of thousands of enterprise applications worldwide, illustrating a profound challenge for the current state of SaaS security two years after its discovery. The vulnerability, dubbed “nOAuth,” first...

In a significant move to bolster enterprise data security, Netskope has announced an integration with Microsoft Purview, aiming to provide organizations with comprehensive protection across enterprise, cloud, and AI environments. This collaboration is set to enhance data discovery...

Major security events in enterprise software rarely unfold in isolation; instead, they are often woven into broader technological trends and industry shifts. Such is the case with the recent disclosure from Asana, the globally popular project management platform, admitting that a critical bug in...

As enterprise technology races forward at a breakneck pace, organizations are reaping the rewards of digital transformation—bolstered by cloud adoption, generative AI tools, and a sprawling SaaS ecosystem. Yet, while the benefits of this connectivity are clear, the dramatic expansion of the...

In an era where cloud computing and artificial intelligence are reshaping the digital landscape, the partnership between Netskope and Microsoft stands as a pivotal force in enterprise security. Both companies, renowned for their respective advances in security and compliance, have deepened their...

In the first week of June, the cybersecurity landscape took another sobering turn when The Washington Post fell victim to a targeted email account compromise. Multiple Microsoft 365 work email accounts belonging to journalists were breached, prompting urgent password resets and a rapid...

A seismic shift has rippled through the cybersecurity community with the disclosure of EchoLeak, the first publicly reported "zero-click" exploit targeting a major AI tool: Microsoft 365 Copilot. Developed by AIM Security, EchoLeak exposes an unsettling truth: simply by sending a cleverly...

Cloud services form the backbone of the digital world, powering everything from global social platforms to critical enterprise solutions. When an outage occurs at this level of infrastructure, its effects ripple instantaneously and sometimes catastrophically across the internet. On Thursday, a...

In a digital era increasingly defined by artificial intelligence, automation, and remote collaboration, the emergence of vulnerabilities in staple business tools serves as a sharp reminder: innovation and risk go hand in hand. The recent exposure of a zero-click vulnerability—commonly identified...