ZDNet | A new penetration testing tool published at the start of the year by a security researcher can automate phishing attacks with an ease never seen before and can even blow through login operations for accounts protected by two-factor authentication (2FA). Named Modlishka — the English pronunciation of the Polish word for mantis — this new tool was created by Polish researcher Piotr Duszyński. Modlishka is what IT professionals call a reverse proxy, but modified for handling traffic meant for login pages and phishing operations.

BetterCloud Monitor | In the era of data breaches, what makes up a successful security program? BetterCloud’s Senior Security Architect Austin Whipple shares what success and failure look like in a security program. After reading this article, you’ll come away with a few ideas you can implement right away. Here’s what he’s seen work.

Computerworld | With location sharing, a camera module, and audio-message sharing functions added to its team collaboration app, Microsoft hopes to draw in ‘first-line’ staffers.

The Register | In an extraordinary twist, it was revealed this week that the man most likely responsible for bringing drug kingpin "El Chapo" Joaquin Guzman to justice was none other than his sysadmin. Two months into the trial in New York, the FBI admitted that it had been able to access hundreds of phone calls made by Guzman and his associates via a custom encryption system because they had flipped the IT guy that set it up, systems engineer Cristian Rodriguez.

How-To Geek | While the default margins are fine most of the time, sometimes you’ll need to change them. Here’s how.

Computerworld | These tips will help even a self-professed Slack sage up their productivity game.

CIO | Automation can reap efficiencies, reduce errors, and free up staff for higher-value tasks — especially when undertaken as part of a company-wide strategic effort. #4 on this list of things that IT should be automating? IT operations. (BetterCloud can help with this across SaaS apps.) Free registration required to read.

Information Age | Chrome extensions provide a richer experience for their users, but a cottage industry of malicious Chrome extensions has emerged. Here's why they can be dangerous, and how to protect yourself and your organization from malicious Chrome extensions.

Trello Blog | No SaaS updates to report today. Here's an article from Trello to help you find more productive focus time.