Tag

Enterprise Security

All articles tagged with #enterprise security

Critical pre-auth RCE in BeyondTrust remote-support tools prompts urgent patch
technology18 days ago

Critical pre-auth RCE in BeyondTrust remote-support tools prompts urgent patch

BeyondTrust warns of CVE-2026-1731, a pre-auth remote code execution flaw in Remote Support (RS) 25.3.1 and Privileged Remote Access (PRA) 24.3.4 and earlier, allowing unauthenticated attackers to run OS commands; patches are available by upgrading to RS 25.3.2+ and PRA 25.1.1+ (or enabling automatic updates). Cloud systems have been secured; about 11,000 instances are exposed online, with roughly 8,500 on-premises potentially vulnerable if not patched; no active exploitation is reported yet.

Coordinated Chrome extensions harvest enterprise login cookies from Workday, NetSuite, and SAP SuccessFactors
technology1 month ago

Coordinated Chrome extensions harvest enterprise login cookies from Workday, NetSuite, and SAP SuccessFactors

Security researchers found five malicious Chrome extensions posing as productivity/security tools for enterprise HR/ERP platforms (Workday, NetSuite, SAP SuccessFactors) that exfiltrate authentication cookies, block security administration pages, and, in one case, inject cookies to hijack active sessions. The campaign, linked by shared infrastructure and targeting patterns, had about 2,300 installations. Extensions were taken down after disclosure; affected users should notify security admins and rotate passwords on the targeted platforms.

"Amazon Introduces Palm-Scanning Tech for Office Access Control"
technology2 years ago

"Amazon Introduces Palm-Scanning Tech for Office Access Control"

Amazon is introducing Amazon One Enterprise, a palm-scanning technology designed for businesses, allowing employees to use their hand as an authentication tool to enter offices or access sensitive information. The service is being offered to companies such as IHG Hotels and Resorts, Boon Edam, and Kone. Amazon claims that palm recognition is more private than other biometric systems and offers a cheaper and more secure solution compared to traditional security tools. However, advocacy groups have raised concerns about privacy and increased surveillance. Amazon One was originally developed as a payment system and has been deployed in various retail locations.

"ChromeOS Boosts Privacy with Camera and Mic Toggles for Chromebooks"
technology2 years ago

"ChromeOS Boosts Privacy with Camera and Mic Toggles for Chromebooks"

Google is introducing new systemwide camera and microphone access toggles in ChromeOS settings that can instantly block all apps and sites from being able to use them. The new privacy controls cut off the rest of the computer’s access to the hardware, which is a software replacement to the physical camera and mic kill switch. Chromebook manufacturers can simplify the laptop design and use the built-in ChromeOS solution instead. Google is also expanding enterprise and business-oriented security features that include new identity and data control features that help IT departments manage user logins and help keep sensitive information from inadvertently traveling around and outside organizations.

Corporate Secrets Exposed Through Secondhand Routers
cybersecurity2 years ago

Corporate Secrets Exposed Through Secondhand Routers

Researchers from ESET have found that less than half of secondhand enterprise routers in their sample were wiped of internal data, posing a risk for both the companies that sold these routers and their customers. Out of the 18 corporate routers that the researcher team purchased secondhand, only five had been wiped. Nine of the routers had been left as is, two were encrypted, one was dead, and one was a copy of another device. The nine devices that hadn’t been wiped had enough information stored on them to identify the previous owners, and also login information for the organizations’ VPN, credentials for a communication service, and hashed root administrator passwords.