Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Experts audited OpenVPN and its cryptography and found only one high severity vulnerability [Read More]
Thousands of embedded systems compromised by Rakos Linux malware. No malicious actions yet, but botnet could be used for powerful DDoS attacks [Read More]
Researchers discovered several vulnerabilities in Evoko meeting room management devices [Read More]
Moxa addresses hardcoded credentials issue that can be exploited by attackers to gain complete control of the company’s APs [Read More]
Mastercard announces launch of new biometric card that combines chip technology with fingerprints [Read More]
LastPass patches vulnerabilities that could have allowed hackers to bypass two-factor authentication (2FA) [Read More]
Google hopes that by sharing its own experiences in developing and deploying tiered access, IT and security admins will feel empowered to develop a flexible and powerful access control system that better suits today's business. [Read More]
Chrome, Firefox and Opera expose their users to phishing attacks that rely on Unicode domain names [Read More]
Vulnerabilities in Bosch’s Drivelog Connect dongle and its mobile app allow hackers to send malicious CAN messages to a car and stop its engine [Read More]
Cisco Talos researchers identified over a dozen vulnerabilities in Moxa industrial wireless access points (APs) as part of a two-week analysis of the product [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Travis Greene's picture
Passwords really are that bad, and we now have another mandate to address this ongoing issue, or, the so-called elephant in the room: The growing push for multi-factor authentication.
Travis Greene's picture
When big stories like the release of the Panama Papers breaks, it is an opportunity to self-evaluate what level of risk your organization could be exposed to.
Rafal Los's picture
Attackers are exploiting issues in corporate identity stores with greater frequency. If you doubt the danger that identities pose to your organization, you should conduct a simple test.
Travis Greene's picture
It’s been said that the military is always preparing to fight the last war. Are we doing the same in IT security? Are we doomed to always react to the threat?
Alastair Paterson's picture
While you may understand the risks that come from the use of social media, what options do you have to protect your organization against them?
Alan Cohen's picture
Micro-segmentation approaches play an important role in reducing the attack surface, the points of infiltration in the heart of the data center. By governing the traffic among servers, they reduce the risk of bad actors.
Travis Greene's picture
The investment in access certifications have reduced the workload on IT, but by treating all entitlements and users the same, we’ve put the burden on LOB managers to manage the risk of excessive access.
Travis Greene's picture
To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
The true value of identity is not in creating more defense in depth, which means that identity is not the new perimeter.