The Admin By Request
Security Blog
Cyber attacks, emerging threats, current events, latest news, recent updates, and more.
Remote Access Security Through a Zero Trust Lens
Zero Trust principles change how remote access works. MFA per session, approval workflows, and automatic termination reduce the impact of credential compromise.
France’s National Bank Account Database Breached: 1.2 Million Accounts Exposed
Stolen credentials gave hackers access to France's national bank account database, exposing 1.2 million accounts and enabling potential fraud.
Admin By Request Heads to Gartner IAM Summit London
Meet Admin By Request at Gartner IAM Summit London, March 9-10. Paul Fisher speaks on Identity at the Core, Privilege at the Edge on March 10 at 11:15 AM.
What’s New in Admin By Request for macOS 5.2
Admin By Request for macOS 5.2 adds Secure Remote Access and Okta authentication. Unattended access and remote support now work across all platforms.
What’s New in Admin By Request for Windows 8.7
Admin By Request for Windows 8.7 lets you approve specific applications from vendors. Version rules and certificate matching provide granular control.
How Deepfakes Are Being Used in Cyberattacks (And What to Do About It)
Deepfake attacks use AI to impersonate executives and bypass security. Helpdesks and payment approvals are primary targets for these sophisticated frauds.
Sicarii: The Vibe-Coded Ransomware That Broke Itself
Sicarii ransomware can't decrypt files even when victims pay the ransom. The code has fundamental flaws that make data recovery impossible.
How Often Should Privileged Access Reviews Be Conducted?
Privilege creep happens when admin access goes unchecked. This guide covers review frequencies from quarterly to continuous monitoring.
ShinyHunters Targets 100+ Organizations Through Okta SSO Vishing Campaign
ShinyHunters breached 100 organizations through voice phishing attacks targeting SSO credentials. The group has already leaked millions of user records online.
Non-Human Identity: Real Threat or Vendor Gold Rush?
Non-human identities are a real problem, but vendors are rebranding old secrets management issues. The 45:1 ratio doesn't tell the whole story.
How Can Privilege Management Be Automated for Efficiency?
Permanent admin rights expose networks to threats, but manual approvals slow everything down. Intelligent automation balances security with operational needs.
Privilege Management in Healthcare: What IT Teams Need to Know
Clinical staff need quick system access for patient care, but permanent admin rights create security risks. Just-in-time elevation reduces attack surface effectively.
How Much Security Debt Is Your Organization Carrying?
Security debt includes outdated remote access, manual approvals, and excessive privileges. Each trade-off made for productivity eventually becomes a liability.
Agentic Browsers: Productivity Win or Security Liability?
Agentic browsers offer productivity gains but create serious security risks. Organizations face data exfiltration, prompt injection, and weak phishing protection.
9 Common Mistakes When Removing Local Admin Rights
Removing local admin rights without planning causes broken workflows and helpdesk chaos. We cover 9 common mistakes and how to avoid them when revoking privileges.
Admin By Request EPM vs Microsoft Intune EPM: A Detailed Comparison
Admin By Request EPM vs Microsoft Intune EPM: Compare real-time operations, multi-platform support, and built-in malware scanning. See which fits your needs.
Pharma Firm Inotiv Confirms Data Breach Affecting 9,500+ After Ransomware Attack
Contract research firm Inotiv confirms data breach from August ransomware attack. Employee and partner information was compromised by Qilin ransomware group.
Are Cloud Storage Platforms Safe? 7 File Sharing Security Risks
Are your files actually safe in the cloud? Misconfigured permissions, weak access controls, and shadow IT create major vulnerabilities in file sharing.
ShadyPanda Weaponizes Trusted Browser Extensions in 7-Year Campaign
A seven-year malware campaign turned trusted browser extensions into spyware, affecting 4.3 million. WeTab and other extensions remain active in Edge's store.
Why Cyberattacks Spike During the Holidays (And How to Prepare)
Holiday staffing gaps give attackers time to move quietly through networks. The pattern shows why year end security coverage matters more than most teams expect.
Understanding Attack Surface and What Makes You a Target
Your attack surface grows as old accounts, unpatched systems, and persistent vendor access accumulate. The result is a larger set of entry points attackers can exploit.
Security Tool Sprawl: Why a Bloated Stack Leaves You Vulnerable
Security complexity introduces gaps that attackers exploit more easily. A fragmented stack becomes a liability when integration and usability fall behind.
Everest Ransomware Gang Claims Under Armour and Petrobras Breaches
Everest ransomware group claims breaches of Under Armour and Petrobras in mid-November 2025. The attacks exposed customer data and seismic survey information.
Phishing-as-a-Service: Why Training Alone Won’t Stop PhaaS Attacks
Criminals now rent complete phishing platforms that mimic real login pages with precision. The real risk comes from accounts holding unnecessary administrative rights.
PureRAT Malware Campaign Exploits Hotels to Steal Guest Banking Details
Hotels worldwide face PureRAT infections via fake Booking.com emails. The result is stolen credentials and scams against real guests.
Stopping Lateral Movement Attacks by Removing Local Admin Rights
Attackers move laterally by abusing admin privileges. Admin By Request EPM blocks their path while keeping users productive and secure.
Nikkei Reports Data Breach After Malware Exposes 17,000 Slack Accounts
A malware infection led to stolen Slack credentials at Nikkei, exposing 17,368 users. The breach underscores growing credential theft threats in 2025.
