Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Intel Authenticate is a hardware-enhanced, multifactor authentication solution that strengthens identity protection on the PC, making it less vulnerable to identity and security credential attacks, the company said. [Read More]
Dell ships PCs with pre-installed self-signed root certificate that poses serious security and privacy risks [Read More]
Most Windows-based network devices that hold sufficiently privileged credentials to enable attackers compromise other machines and accounts have been found to be susceptible to compromise. [Read More]
Hackers breached the systems of anti-adblocking service PageFair and used the access to deliver malware [Read More]
LogMeIn has agreed to acquire single-sign-on (SSO) and password management service LastPass for $125 million in cash. [Read More]
Attackers abuse XML-RPC method to amplify their brute force attacks against WordPress websites. [Read More]
Malicious actors exploiting old vulnerability in Cisco WebVPN to modify login pages and steal credentials, says Volexity. [Read More]
Dell announced the availability of Dell One Identity Manager 7.0, a modular and integrated platform designed to help organizations unify security policies and improve agility. [Read More]
In this live webcast, experts from Imperva and Centrify will share best practices on enabling the safe and productive use of cloud apps. [Read More]
WordPress 4.3 Billie has been released. The latest version introduces new features and enhanced password security. [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
The true value of identity is not in creating more defense in depth, which means that identity is not the new perimeter.
Travis Greene's picture
As much fun as it is to wake up to patches waiting to be unwrapped, we don’t want the regret of “exploit Wednesday”, which is far more embarrassing than becoming a victim of a zero-day exploit.
Travis Greene's picture
Can IT security find a way to coexist with wearables faster than the first BYOD war and avoid a second war?
Travis Greene's picture
No IT organization has a seemingly unlimited budget the way that Team Oracle did in the 2013 America’s Cup race. But look closer at why spending on America’s Cup racing seems so out of control and it starts to look a bit more familiar.
Travis Greene's picture
Security teams must bear equal, if not more responsibility, for reducing the risk of credential fatigue leading to inadvertent exposure.
Wade Williamson's picture
Network administrators have to remember that they are not just the protectors of the organization – they are also the most valuable targets.
Travis Greene's picture
Just like fumbles and interceptions derail a playbook plan, there are two ways that access certifications today are insufficient.
Travis Greene's picture
Like those college recruiting compliance departments that are constantly training, monitoring, and enforcing policies, the IT compliance activity of access certifications needs to become more intelligent and real-time.
Travis Greene's picture
It’s time for targeted complexity that balances the convenience that users demand with the security that organizations need. It’s a bit like teaching a new dog old tricks.