The Admin By Request
Security Blog
Cyber attacks, emerging threats, current events, latest news, recent updates, and more.
Non-Human Identity: Real Threat or Vendor Gold Rush?
Non-human identities are a real problem, but vendors are rebranding old secrets management issues. The 45:1 ratio doesn't tell the whole story.
How Much Security Debt Is Your Organization Carrying?
Security debt includes outdated remote access, manual approvals, and excessive privileges. Each trade-off made for productivity eventually becomes a liability.
Agentic Browsers: Productivity Win or Security Liability?
Agentic browsers offer productivity gains but create serious security risks. Organizations face data exfiltration, prompt injection, and weak phishing protection.
9 Common Mistakes When Removing Local Admin Rights
Removing local admin rights without planning causes broken workflows and helpdesk chaos. We cover 9 common mistakes and how to avoid them when revoking privileges.
Admin By Request EPM vs Microsoft Intune EPM: A Detailed Comparison
Admin By Request EPM vs Microsoft Intune EPM: Compare real-time operations, multi-platform support, and built-in malware scanning. See which fits your needs.
Pharma Firm Inotiv Confirms Data Breach Affecting 9,500+ After Ransomware Attack
Contract research firm Inotiv confirms data breach from August ransomware attack. Employee and partner information was compromised by Qilin ransomware group.
Are Cloud Storage Platforms Safe? 7 File Sharing Security Risks
Are your files actually safe in the cloud? Misconfigured permissions, weak access controls, and shadow IT create major vulnerabilities in file sharing.
ShadyPanda Weaponizes Trusted Browser Extensions in 7-Year Campaign
A seven-year malware campaign turned trusted browser extensions into spyware, affecting 4.3 million. WeTab and other extensions remain active in Edge's store.
Why Cyberattacks Spike During the Holidays (And How to Prepare)
Holiday staffing gaps give attackers time to move quietly through networks. The pattern shows why year end security coverage matters more than most teams expect.
Understanding Attack Surface and What Makes You a Target
Your attack surface grows as old accounts, unpatched systems, and persistent vendor access accumulate. The result is a larger set of entry points attackers can exploit.
Security Tool Sprawl: Why a Bloated Stack Leaves You Vulnerable
Security complexity introduces gaps that attackers exploit more easily. A fragmented stack becomes a liability when integration and usability fall behind.
Everest Ransomware Gang Claims Under Armour and Petrobras Breaches
Everest ransomware group claims breaches of Under Armour and Petrobras in mid-November 2025. The attacks exposed customer data and seismic survey information.
Phishing-as-a-Service: Why Training Alone Won’t Stop PhaaS Attacks
Criminals now rent complete phishing platforms that mimic real login pages with precision. The real risk comes from accounts holding unnecessary administrative rights.
PureRAT Malware Campaign Exploits Hotels to Steal Guest Banking Details
Hotels worldwide face PureRAT infections via fake Booking.com emails. The result is stolen credentials and scams against real guests.
Stopping Lateral Movement Attacks by Removing Local Admin Rights
Attackers move laterally by abusing admin privileges. Admin By Request EPM blocks their path while keeping users productive and secure.
Nikkei Reports Data Breach After Malware Exposes 17,000 Slack Accounts
A malware infection led to stolen Slack credentials at Nikkei, exposing 17,368 users. The breach underscores growing credential theft threats in 2025.
What LAPS Can’t Do: Offline Access, Usage Tracking, and Cloud Challenges
Microsoft LAPS helps rotate local admin passwords but struggles with offline and hybrid setups. Break Glass simplifies secure access and full session auditing.
Admin By Request is Back at Gartner IAM Summit Texas This December
Admin By Request returns to the Gartner IAM Summit in Texas with live demos and a session on smarter privileged access.
Memento Labs Spyware Used in Chrome Zero-Day Campaign
Operation ForumTroll used a Chrome zero-day to install spyware traced to Memento Labs. The phishing campaign hit research and media groups.
Ransomware Recovery vs. Prevention: Why You Need Both
Ransomware attacks are inevitable. Effective cybersecurity combines prevention to stop most threats and recovery to limit damage when one succeeds.
Medical Specialist Group Fined £100,000 After Cyber Attack Exposed Patient Data
A £100,000 fine hits the Medical Specialist Group after hackers stole patient data, highlighting major security lapses and the cost of poor cyber hygiene.
When Your Security Team Burns Out, So Does Your Security
Burned-out IT teams create security gaps. Automation and balanced workloads keep defenses strong and prevent costly oversights.
Hacker Group TA585 Deploys MonsterV2 Malware with Advanced Web Injection Capabilities
TA585 launches MonsterV2 malware, capable of live transaction tampering via browser injection. Just-in-time privilege controls help limit damage.
How Agentic AI is Creating Security Holes in Your Organization
Agentic AI tools boost productivity but open serious security gaps. Unauthorized access, prompt injections, and data leaks are now everyday risks.
How to Revoke Developer Admin Rights Without Breaking Everything
Revoking admin rights doesn't have to break builds or slow teams. See how to keep developers productive while reducing risk with Admin By Request.
Scattered LAPSUS$ Hunters Threatens to Leak 1 Billion Records From 39 Companies
A cybercriminal group targets Salesforce via OAuth abuse and vishing, claiming to have stolen data from 39 major firms, including Qantas and UPS.
What Are the Advantages of SaaS-Based Privilege Management Solutions?
Ditch the servers and scale effortlessly. SaaS PAM simplifies deployment, reduces overhead, and delivers enterprise security without on-prem complexity.
