Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

St. Jude Medical has patched some of the vulnerabilities found by MedSec, but the vendor insists the risk of cyberattacks is extremely low [Read More]
A second variant of the Shamoon 2 malware targets virtualization products, likely in an effort to make recovery more difficult and increase the impact of the attack [Read More]
An open source tool called “Truffle Hog” helps developers check if they’ve accidentally leaked any secret keys on GitHub [Read More]
FTC files lawsuit against D-Link, accusing the vendor of making false claims about how secure its products are [Read More]
Smart electricity meters continue to pose a serious cybersecurity risk to consumers and utilities. But can hacking lead to explosions? [Read More]
Google researcher Tavis Ormandy discovers certificate-related issues in Kaspersky antivirus products [Read More]
Security flaws in travel booking systems expose passenger information and open the door for fraud, researchers warn [Read More]
The number of brute force attacks launched against WordPress websites has nearly doubled in December compared to the previous period [Read More]
Apple fixes vulnerability that can be exploited to obtain the disk encryption password of a MacBook using a $300 Thunderbolt device [Read More]
Authentication bypass flaw in Skype for Mac could have been exploited by malware to interact with the app [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

David Holmes's picture
What are the possible threat vectors if you were doing a threat model assessment for any of cloud passwords management models?
Rafal Los's picture
If you’re tired of changing your passwords using complex formulas you’ll never remember and have found yourself wondering just what your corporate security team is thinking, this post is for you.
David Holmes's picture
Password proliferation is bad, for many, many, many reasons. But the worst reason is that people tend to re-use passwords all over the place.
Travis Greene's picture
Two-factor authentication (2FA) is becoming more mainstream for businesses; however, businesses need to consider how 2FA should be implemented to maintain both external and internal control.
Travis Greene's picture
As the demand for identity governance in Asian companies grows, the key differentiator is that it’s going to come from a need to reduce risk.
Travis Greene's picture
While Identity and access management (IAM) is a mature discipline supporting internal employee access to applications, what is the future of IAM in support of end customer interactions?
Travis Greene's picture
Like all security measures, MFA is not an instant fix to safeguard credentials. But, understanding the risks of MFA limitations is the first step towards mitigation.
Travis Greene's picture
Passwords really are that bad, and we now have another mandate to address this ongoing issue, or, the so-called elephant in the room: The growing push for multi-factor authentication.
Travis Greene's picture
When big stories like the release of the Panama Papers breaks, it is an opportunity to self-evaluate what level of risk your organization could be exposed to.
Rafal Los's picture
Attackers are exploiting issues in corporate identity stores with greater frequency. If you doubt the danger that identities pose to your organization, you should conduct a simple test.