The Admin By Request
Security Blog
Cyber attacks, emerging threats, current events, latest news, recent updates, and more.
Medical Specialist Group Fined £100,000 After Cyber Attack Exposed Patient Data
A £100,000 fine hits the Medical Specialist Group after hackers stole patient data, highlighting major security lapses and the cost of poor cyber hygiene.
When Your Security Team Burns Out, So Does Your Security
Burned-out IT teams create security gaps. Automation and balanced workloads keep defenses strong and prevent costly oversights.
Hacker Group TA585 Deploys MonsterV2 Malware with Advanced Web Injection Capabilities
TA585 launches MonsterV2 malware, capable of live transaction tampering via browser injection. Just-in-time privilege controls help limit damage.
How Agentic AI is Creating Security Holes in Your Organization
Agentic AI tools boost productivity but open serious security gaps. Unauthorized access, prompt injections, and data leaks are now everyday risks.
How to Revoke Developer Admin Rights Without Breaking Everything
Revoking admin rights doesn't have to break builds or slow teams. See how to keep developers productive while reducing risk with Admin By Request.
Scattered LAPSUS$ Hunters Threatens to Leak 1 Billion Records From 39 Companies
A cybercriminal group targets Salesforce via OAuth abuse and vishing, claiming to have stolen data from 39 major firms, including Qantas and UPS.
What Are the Advantages of SaaS-Based Privilege Management Solutions?
Ditch the servers and scale effortlessly. SaaS PAM simplifies deployment, reduces overhead, and delivers enterprise security without on-prem complexity.
Admin By Request for Linux 4.0: Closing the Feature Gap
Linux 4.0 closes the feature gap with Windows and macOS by adding Break Glass, MFA, and account separation for stronger compliance and access controls.
10 Must-Have Features to Look for in a PAM Solution
Don’t waste money on shelfware. These 10 PAM features are critical for secure, scalable, and user-friendly privilege management across your endpoints.
Admin By Request is Now Cyber Essentials Plus Certified
Admin By Request is now Cyber Essentials Plus certified, showing our commitment to strong technical controls and third-party verified cybersecurity practices.
JLR’s Production Crisis Exposes Manufacturing’s Cyber Weakness
JLR's global factories remain offline after a major cyberattack. Weeks of halted production expose serious risks in connected manufacturing systems.
Dormant Admin Accounts Fuel Tomorrow’s Security Breaches
Privileged accounts with no recent activity often escape audits. Attackers identify and exploit them, posing major risks to your environment.
From Phishing to Full Network Access: Mapping Credential-Based Attack Paths
When attackers use valid credentials, traditional defenses fail. Stop the breach chain with just-in-time access and detailed privilege controls.
Post-Incident Reviews: Learning From Security Breaches Without Blame
Blame hinders progress. Post-incident reviews that emphasize facts, context, and accountability lead to smarter systems and safer teams.
Salesloft Drift AI Agent Vulnerability Leads to Widespread Data Theft
Threat actors used stolen OAuth tokens to breach Salesforce data at scale, exposing major flaws in AI agent integrations and enterprise security.
How the CIA Triad Shapes Your Security Strategy
Confidentiality, Integrity, and Availability form the core of cybersecurity. See how the CIA Triad drives smarter decision-making and risk management.
Electronics Manufacturer Data I/O Hit by Ransomware Attack
A ransomware attack knocked out key systems at Data I/O, a chip services firm for Apple and Google. The fallout exposes serious supply chain vulnerabilities.
Understanding Insider Threats Before They Compromise Your Business
From rogue IT admins to careless staff, insider threats are rising. Temporary access and strong oversight stop breaches before they begin.
Workday Falls Victim to the ShinyHunters Salesforce Attack Spree
Workday confirms a data breach tied to ShinyHunters, with attackers exploiting Salesforce-connected apps in a growing wave of social engineering incidents.
Securing Work from Anywhere: Access Control for Hybrid Teams
Rebuild access control for the hybrid era. Smart policies and just-in-time privileges keep your team secure and productive anywhere.
Physical Security Still Matters: The Threats Your Firewall Can’t Block
When someone has your device, all bets are off. Physical access turns unlocked laptops and admin rights into high-risk entry points.
Execs Oversharing? Why Social Media Makes Phishing So Easy
Phishing isn’t always sloppy or random. With your own social content, attackers craft emails that mirror real conversations and current business stress.
What Does the CyberArk-Palo Alto Deal Mean for the Future of Cybersecurity Innovation?
CyberArk's acquisition raises real questions about innovation speed and vendor lock-in as the industry moves toward platform consolidation.
How to Tell Users They’re Losing Admin Rights
Removing admin rights isn't easy. Here's how to communicate the change effectively and reduce pushback while keeping your organization secure.
SIM Swapping and MFA Bombing: How Attackers Beat Two-Factor Authentication
MFA is effective against automation, but targeted attacks like MFA bombing and SIM swaps are exposing its human-centered weaknesses.
Microsoft SharePoint Exploits Now Used for Ransomware Attacks
Warlock ransomware deployed via SharePoint vulnerabilities. Find out how attackers gain access, steal keys, and lock down systems.
7 Security Monitoring and Logging Best Practices
Centralized, standardized logs can catch attacks early and streamline compliance. Learn how to log smarter with these 7 best practices.
