In recent years, API security has become a crucial issue for companies, with several significant leaks revealing the vulnerabilities of API integrations. For example, in June 2024, Authy (Twilio) suffered an attack resulting in the exfiltration of personal data of 33.4 million users [1]. This was caused by poor API authorization management, exposing phone numbers. […]
API in Danger: Underestimated Security Holes Read More »
A Successful Integration: RegData Protection Suite (RPS) and Thales CipherTrust We are happy to announce a new integration between two major partners of Kyos: RegData and Thales. RegData Protection Suite (RPS) is now able to use Thales’ CipherTrust Manager as a key management solution (KMS). We are very excited about this news, as this will allow
A Successful Integration Read More »
Kyos team is proud to announce that we successfully renewed our Crest Membership. This accreditation allows our clients to get CREST Certified penetration testings directly from Kyos. This standard ensures clients that they can get high-quality services from Kyos and entrusted professional ethical hackers. ‘CREST is pleased to welcome Kyos as an accredited member company’,
We successfully renewed our Crest Membership Read More »
High Assurance Hardware Security Modules Secure your sensitive data and critical applications by storing, protecting and managing your cryptographic keys in Luna Network Hardware Security Modules (HSMs) – high-assurance, tamper-resistant, network-attached appliances offering market-leading performance.
Thales HSM vs DpoD Cloud Read More »
Whether you are a Kyos customer or not, considering the criticality of this flaw, we offer you a free primary investigation of your Exchange server, to determine if it is still vulnerable, as well as to identify if any potential attacks have taken place, which we know is very likely. Even though Kyos Exchange Servers have not been affected, 50% of our customers with on-premise Exchange Servers have been impacted, despite the application of the patch that we performed the same day.
Exchange zero-day Exploit Read More »
On March 2, Microsoft has released an emergency security update for Microsoft Exchange to remediate six vulnerabilities allowing remote code execution, of which 4 can bypass any authentication control.
0-day Vulnerability Read More »
1. Introduction What is DKE? DKE – or Double Key Encryption– is a new option offered by Microsoft Information Protection (MIP), a cloud-based data classification and protection software. Given that many customers are worried to start their journey to the cloud because of data protection concerns, Microsoft implemented a new option to protect unstructured data
What is Double Key Encryption (DKE)? Read More »
The concept of Cloud has evolved in the last 20 years, and security concerns have grown with it. The first serious effort to provide data hosting in the Cloud comes with Amazon Simple Storage Service (S3), and with it the security burden to make sure that correct permissions were configured to avoid private data to become public.
Security of data in the cloud Read More »
