Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Vulnerabilities in Bosch’s Drivelog Connect dongle and its mobile app allow hackers to send malicious CAN messages to a car and stop its engine [Read More]
Cisco Talos researchers identified over a dozen vulnerabilities in Moxa industrial wireless access points (APs) as part of a two-week analysis of the product [Read More]
Researchers find serious vulnerabilities in Riverbed’s SteelCentral application and network performance monitoring system [Read More]
Cisco patches critical default credentials vulnerability in Aironet access points. Serious flaws also fixed in Wireless LAN Controller [Read More]
Google is rolling out a new Accounts sign-in page and of a series of updates to the policies that 3rd-party Single Sign-On (SSO) providers should comply with. [Read More]
Honeywell has launched a new product designed to protect industrial facilities from USB-borne threats [Read More]
A combination of 'security fatigue' among users and inadequate password controls among the social media giants is providing a large attack vector for cybercriminals. [Read More]
Google researcher Tavis Ormandy has identified a new vulnerability in the LastPass browser extension. LastPass is working on a fix [Read More]
FBI warns the healthcare industry that threat actors are targeting FTP servers that have anonymous authentication enabled [Read More]
A hacker gained access to the names, dates of birth and SSNs of job seekers in 10 U.S. states after breaching the systems of America’s JobLink (AJL) [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Scott Simkin's picture
Training employees to be aware of credential-based attacks and how to avoid them, as well as adopting the right prevention-based measures, can have a material impact on stopping a common and effective attack techniques.
David Holmes's picture
What are the possible threat vectors if you were doing a threat model assessment for any of cloud passwords management models?
Rafal Los's picture
If you’re tired of changing your passwords using complex formulas you’ll never remember and have found yourself wondering just what your corporate security team is thinking, this post is for you.
David Holmes's picture
Password proliferation is bad, for many, many, many reasons. But the worst reason is that people tend to re-use passwords all over the place.
Travis Greene's picture
Two-factor authentication (2FA) is becoming more mainstream for businesses; however, businesses need to consider how 2FA should be implemented to maintain both external and internal control.
Travis Greene's picture
As the demand for identity governance in Asian companies grows, the key differentiator is that it’s going to come from a need to reduce risk.
Travis Greene's picture
While Identity and access management (IAM) is a mature discipline supporting internal employee access to applications, what is the future of IAM in support of end customer interactions?
Travis Greene's picture
Like all security measures, MFA is not an instant fix to safeguard credentials. But, understanding the risks of MFA limitations is the first step towards mitigation.
Travis Greene's picture
Passwords really are that bad, and we now have another mandate to address this ongoing issue, or, the so-called elephant in the room: The growing push for multi-factor authentication.
Travis Greene's picture
When big stories like the release of the Panama Papers breaks, it is an opportunity to self-evaluate what level of risk your organization could be exposed to.