Insights
Jan Recap: New AWS Privileged Permissions and Services
As January 2026 comes to a close, Sonrai’s latest review of newly released AWS permissions highlights a sharp expansion of privilege concentrated in networking, traffic...
The Ultimate Guide to Single Sign-On in 2025
Why SSO is still a mess in 2025 Ever wonder why, in 2025, we’re still wrestling with getting a "simple" login button to work for...
Single Sign-On with External Security Token Services
Understanding the Role of External Security Token Services Ever wonder why you don't have to log in ten times a day just to check your...
The Future of Single Sign-on: Insights for 2025
The Shift Toward Passwordless and FIDO2 Standards Ever tried explaining to a frantic ceo why they can't just use "Password123" for the main admin portal?...
Is the Online Account Service Still Available?
The headache of multi-environment ciam Ever tried explaining to a frustrated stakeholder why a login flow works perfectly in your dev environment but completely breaks...
Configuring WS-Federation Single Sign-on for Resources
Why we still care about WS-Federation in a modern stack Ever feel like you're stuck in a time machine when a client asks to integrate...
Trending News
A slippery slope: Beware of Winter Olympics scams and other cyberthreats
Digital Security It’s snow joke – sporting events are a big draw for cybercriminals. Make sure you’re not on the losing side by following these...
A slippery slope: Beware of Winter Olympics scams and other cyberthreats
Digital Security It’s snow joke – sporting events are a big draw for cybercriminals. Make sure you’re not on the losing side by following these...
This month in security with Tony Anscombe – January 2026 edition
The year got off to a busy start, with January offering an early snapshot of the challenges that (not just) cybersecurity teams are likely to...
DynoWiper update: Technical analysis and attribution
In this blog post, we provide more technical details related to our previous DynoWiper publication. Key points of the report: ESET researchers identified new data-wiping...
Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan
ESET researchers have uncovered an Android spyware campaign leveraging romance scam tactics to target individuals in Pakistan. The campaign uses a malicious app posing as...
Drowning in spam or scam emails? Here’s probably why
Digital Security Has your inbox recently been deluged with unwanted and even outright malicious messages? Here are 10 possible reasons – and how to stem...