Do you think your IDP or CASB is hiding it? These five risks prove not to
June 9, 2025Hacker News

You don't need a rogue employee to suffer a breach.

All you need is a free trial that someone forgets to cancel. An AI-powered note taker that quietly syncs with Google Drive. A personal Gmail account tied to business-critical tools. That is shadow IT. And today it is not just about unauthorized apps, but also about dormant accounts, unmanaged identities, over-permissioned SaaS tools, and orphaned access. Most of it slips past even the most mature security stacks.

Think your CASB or IdP covers this? It doesn't.

They weren't built to catch what happens inside SaaS: OAuth sprawl, shadow admins, GenAI access, and apps created directly on platforms like Google Workspace or Slack. Shadow IT is no longer a visibility problem; it is a full-fledged attack surface.

Wing Security helps security teams identify these risks before they become incidents.

Here are five real examples of how shadow IT can quietly leak your data.

1. Dormant access you can't see, and attackers love to exploit

Risk: Employees sign up for a tool with only a username and password, without SSO or centralized visibility. Over time they stop using the app, but the access stays and, worse, nobody manages it.

Impact: These zombie accounts become invisible entry points into your environment. You cannot enforce MFA, monitor usage, or revoke access during offboarding.

Example: In 2024, CISA and global cyber agencies issued a joint advisory warning that the Russian state-sponsored group APT29 (part of the SVR) actively targets dormant accounts to gain access to corporate and government systems. These accounts are ideal footholds: nobody is watching them, they usually lack MFA, and they are far easier to take over because their owners no longer use them.

2. Generative AI quietly reads emails, files and strategies

Risk: SaaS apps with generative AI features typically request extensive OAuth permissions, including full read access to inboxes, files, calendars, and chat.

Impact: These apps give third parties, whose data retention and model training policies are often unknown, more access than they need. Once access is granted, there is no way to monitor how the data is stored, who at the vendor has internal access, or what happens when that access is misused.

Example: In 2024, DeepSeek mistakenly exposed internal LLM training files containing sensitive data because of misconfigured storage buckets, highlighting the risk of granting third-party GenAI tools broad access without data security oversight.

3. A former employee still has admin access

Risk: When employees onboard new SaaS tools (especially outside the IdP), they are often the only admin. Even after they leave the company, their access remains.

Impact: These accounts hold persistent, privileged access to corporate tools, files, or environments, creating a long-term insider risk.

Real-life example: A contractor set up a time-tracking app and linked it to the company's HR system. Months after the contract ended, they still had admin access to employee records.

See what Wing reveals in your SaaS environment. Talk to a security expert and get a demo.

4. Business-critical apps tied to personal accounts that you don’t control

Risk: Employees sign up for business apps such as Figma, Notion, and even Google Drive using a personal Gmail, Apple ID, or other unmanaged account.

Impact: These accounts exist entirely outside your visibility. If they are compromised, you cannot revoke access or enforce security policies.

Example: In the 2023 Okta customer support breach, attackers abused a service account without MFA that had access to Okta's support system. The account was active, unsupervised, and not tied to any specific person. Even businesses with mature identity systems can miss these blind spots.

5. Shadow app-to-app connections to your crown jewels

Risk: Employees connect unauthorized SaaS apps directly to trusted platforms such as Google Workspace, Salesforce, and Slack. These app-to-app connections often request extensive API access and remain active long after they are last used.

Impact: These integrations create hidden pathways into critical systems. If compromised, they enable lateral movement, letting attackers pivot across apps, exfiltrate data, and maintain persistence without triggering traditional alerts.

Example: A product manager connected a roadmap tool to Jira and Google Drive. The integration requested broad access, but was forgotten once the project finished. When the vendor was later compromised, the attacker used the lingering connection to pull files from Drive, pivot into Jira, and reach internal credentials and escalation paths. This kind of lateral movement was seen in Midnight Blizzard's 2024 breach of Microsoft, where attackers leveraged a legacy OAuth app with mailbox access to evade detection and maintain persistent access to internal systems.
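The five risks above reduce to a handful of checks over a SaaS/OAuth inventory. The following is an added example, not code from the article or from Wing Security: it classifies constructed grant records (not real data) against the five risk patterns, with the scope list and 90-day idle threshold as assumed policy values.

```python
from dataclasses import dataclass
from datetime import date

# Scopes treated as "broad" for this example (an assumed defender policy, not a vendor list)
BROAD_SCOPES = {"gmail.readonly", "drive", "calendar", "chat.messages.readonly"}
DORMANT_DAYS = 90  # assumed idle threshold before a grant counts as dormant

@dataclass(frozen=True)
class Grant:
    app: str
    account: str        # identity that authorised the app
    scopes: frozenset
    last_used: date
    sso: bool           # provisioned through the IdP, or a local username/password
    admin: bool         # the account administers the app
    employed: bool      # the person is still with the company
    corporate: bool     # corporate domain, not a personal Gmail/Apple ID
    human: bool         # False for app-to-app / service integrations

def classify(g: Grant, today: date = date(2025, 6, 9)) -> list[str]:
    """Return the shadow-IT risk labels (1-5 from the article) that apply to one grant."""
    idle = (today - g.last_used).days
    broad = bool(g.scopes & BROAD_SCOPES)
    risks = []
    if g.human and not g.sso and idle > DORMANT_DAYS:
        risks.append("1-dormant-unmanaged-access")      # local login, nobody using it
    if g.human and broad:
        risks.append("2-broad-oauth-scopes")            # GenAI-style full read access
    if g.admin and not g.employed:
        risks.append("3-orphaned-admin")                # ex-employee keeps admin
    if g.human and not g.corporate:
        risks.append("4-personal-account")              # outside any IdP control
    if not g.human and broad and idle > DORMANT_DAYS:
        risks.append("5-stale-app-to-app-integration")  # forgotten API connection
    return risks

# Constructed sample records mirroring the article's scenarios (hypothetical apps and users)
SAMPLE = [
    Grant("TimeTracker", "contractor@corp.example", frozenset({"hr.read"}), date(2025, 1, 15), False, True, False, True, True),
    Grant("NoteTakerAI", "bob@corp.example", frozenset({"gmail.readonly", "drive"}), date(2025, 6, 1), True, False, True, True, True),
    Grant("Figma", "alice.personal@gmail.com", frozenset({"profile"}), date(2025, 6, 8), False, False, True, False, True),
    Grant("RoadmapTool->Drive", "svc-roadmap", frozenset({"drive"}), date(2024, 11, 1), False, False, True, True, False),
]

def report(grants=SAMPLE, today: date = date(2025, 6, 9)) -> dict[str, list[str]]:
    """Map each app with at least one finding to its list of risk labels."""
    return {g.app: classify(g, today) for g in grants if classify(g, today)}

if __name__ == "__main__":
    for app, risks in report().items():
        print(f"{app}: {', '.join(risks)}")
```

A real inventory would come from the IdP's and each platform's OAuth/token listings; the checks are the part that carries over.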

What can you do about it?

Shadow IT is not just a governance issue; it is a real security gap. And the longer it goes unnoticed, the greater the risk and the more exposed your SaaS environment becomes.

Wing Security uses agents or a proxy to automatically discover SaaS apps, users, and integrations, mapping human and non-human identities, permissions, and MFA status. Once the unknown becomes known, Wing delivers multi-layered SaaS security on one platform, combining misconfigurations, identity threats, and SaaS risk into a single source of truth. By correlating events across apps and identities, Wing cuts through the noise and prioritizes what matters, enabling proactive and continuous security.

Take control of your SaaS environment before attackers do: get a demo.

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.
