Granting access to 3rd party apps is not a new concept in the age of Facebook and big consumer services. In this article, we demonstrate a similar scenario, but using a known enterprise applications ecosystem (Azure AD) The attack demonstrates that 3rd party app requesting access to your data might not be what it claims to be.
We are increasingly seeing various forms of AI being used everywhere. Sometimes it feels like every day there is a new industry that comes up with clever new approaches. What happens next, nobody knows for sure.
Yesterday, the story broke on Wired about a sales intelligence company called Apollo suffering from a data breach. The company was collecting data from various sources – many of them public – and connecting it all together to create profiles of people. The purpose of their platform was to enable sales by helping sales people target the right stakeholders with the right message.