Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Two-thirds of European consumers want to use biometrics to make payments easier and more secure, according to research commissioned by Visa. [Read More]
Microsoft announced a series of changes to the security capabilities of Windows 10, including expanded capabilities for Windows Hello, the end-to-end multi-factor authentication solution. [Read More]
Google is rolling out new 2-Step Verification (2SV) functionality, to make it easier for users with the additional security feature enabled to log into their accounts. [Read More]
Security researchers have found 5,275 employee email and clear text password combinations from FTSE 100 companies available in various cybercriminal channels. [Read More]
Microsoft is banning weak and common passwords from Microsoft Account and Azure AD system and implementing a feature called smart password lockout. [Read More]
It took Microsoft only 7 hours to patch a serious Office 365 vulnerability that could have been exploited to hack into accounts [Read More]
Mobile phone-based two-factor authentication (2FA) mechanisms are plagued by synchronization vulnerabilities that allow attackers intercept One-Time Passwords and bypass the security of many financial services. [Read More]
A group of security researchers has discovered vulnerabilities in the reCaptcha systems of Google and Facebook, and have created an attack that is highly successful at automatically bypassing the protection system. [Read More]
Passwords remain the bedrock of authentication, increasingly supported by SMS passcodes. But many companies won't introduce that second factor simply because of the increased user friction. [Read More]
Microsoft has paid a $13,000 reward for a vulnerability that could have been exploited to hijack Outlook, Office and Azure accounts [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Travis Greene's picture
While Identity and access management (IAM) is a mature discipline supporting internal employee access to applications, what is the future of IAM in support of end customer interactions?
Travis Greene's picture
Like all security measures, MFA is not an instant fix to safeguard credentials. But, understanding the risks of MFA limitations is the first step towards mitigation.
Travis Greene's picture
Passwords really are that bad, and we now have another mandate to address this ongoing issue, or, the so-called elephant in the room: The growing push for multi-factor authentication.
Travis Greene's picture
When big stories like the release of the Panama Papers breaks, it is an opportunity to self-evaluate what level of risk your organization could be exposed to.
Rafal Los's picture
Attackers are exploiting issues in corporate identity stores with greater frequency. If you doubt the danger that identities pose to your organization, you should conduct a simple test.
Travis Greene's picture
It’s been said that the military is always preparing to fight the last war. Are we doing the same in IT security? Are we doomed to always react to the threat?
Alastair Paterson's picture
While you may understand the risks that come from the use of social media, what options do you have to protect your organization against them?
Alan Cohen's picture
Micro-segmentation approaches play an important role in reducing the attack surface, the points of infiltration in the heart of the data center. By governing the traffic among servers, they reduce the risk of bad actors.
Travis Greene's picture
The investment in access certifications have reduced the workload on IT, but by treating all entitlements and users the same, we’ve put the burden on LOB managers to manage the risk of excessive access.
Travis Greene's picture
To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.