Identity & access
-
Microsoft outage exposes identity dependency
Microsoft’s MFA setup and My Sign-Ins incident exposed the operational dependency now carried by cloud identity platforms, enrolment workflows, and access recovery.
-
Belgium warns Netlogon flaw is exploited
Belgium says a critical Netlogon flaw is now being exploited, putting domain-controller patching, compromise detection, and Active Directory recovery at the centre of enterprise identity risk.
-
Residential proxies are breaking trusted traffic
A Dutch botnet takedown shows how residential proxy abuse is weakening old assumptions about trusted traffic, with consequences for IP reputation, geolocation, identity controls, and fraud detection.
-
GlobalProtect flaw is under attack
Palo Alto Networks has updated its GlobalProtect vulnerability advisory again. The affected PAN-OS issue can allow unauthorised VPN connections in specific configurations and is now marked as attacked.
-
Google binds sessions to devices
Google has made device-bound session credentials generally available for Workspace. The Chrome security change addresses session-cookie theft, one route attackers use to work around multi-factor authentication.
-
Italy reports sustained phishing pressure
CERT-AGID recorded 94 malicious campaigns in one reporting week alone. The data shows persistent identity, malware, and public-service impersonation pressure across a major European market.