Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Google expands certificate authority (CA) efforts with the launch of Google Trust Services and the company’s own root CA [Read More]
Facebook is adding support for a FIDO-based Universal 2nd Factor (U2F) authentication key to its multi-factor authentication process. This does not replace Facebook's existing SMS-based second-factor option, but adds a more secure alternative for the security-conscious user. [Read More]
Western Digital patches remote command execution and authentication bypass vulnerabilities in My Cloud storage products [Read More]
The stolen credentials used in the recent Shamoon attacks may have been provided by a threat group dubbed "Greenbug" [Read More]
Shape Security predicts that credential stuffing will become a major issue during 2017 as the 3.3 billion credentials spilled in 2016 work their way through the criminal system. [Read More]
According to a new report analyzing 10 million passwords, the top 25 most popular passwords are used to secure over 50% of online accounts. [Read More]
A flaw in Samsung SmartCam cameras allows a remote attacker to execute arbitrary commands with root privileges [Read More]
Advantech patches authentication bypass and SQL injection vulnerabilities in its WebAccess HMI/SCADA product [Read More]
GoDaddy has revoked nearly 9,000 certificates after discovering a bug that caused the domain validation process to fail [Read More]
St. Jude Medical has patched some of the vulnerabilities found by MedSec, but the vendor insists the risk of cyberattacks is extremely low [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

David Holmes's picture
What are the possible threat vectors if you were doing a threat model assessment for any of cloud passwords management models?
Rafal Los's picture
If you’re tired of changing your passwords using complex formulas you’ll never remember and have found yourself wondering just what your corporate security team is thinking, this post is for you.
David Holmes's picture
Password proliferation is bad, for many, many, many reasons. But the worst reason is that people tend to re-use passwords all over the place.
Travis Greene's picture
Two-factor authentication (2FA) is becoming more mainstream for businesses; however, businesses need to consider how 2FA should be implemented to maintain both external and internal control.
Travis Greene's picture
As the demand for identity governance in Asian companies grows, the key differentiator is that it’s going to come from a need to reduce risk.
Travis Greene's picture
While Identity and access management (IAM) is a mature discipline supporting internal employee access to applications, what is the future of IAM in support of end customer interactions?
Travis Greene's picture
Like all security measures, MFA is not an instant fix to safeguard credentials. But, understanding the risks of MFA limitations is the first step towards mitigation.
Travis Greene's picture
Passwords really are that bad, and we now have another mandate to address this ongoing issue, or, the so-called elephant in the room: The growing push for multi-factor authentication.
Travis Greene's picture
When big stories like the release of the Panama Papers breaks, it is an opportunity to self-evaluate what level of risk your organization could be exposed to.
Rafal Los's picture
Attackers are exploiting issues in corporate identity stores with greater frequency. If you doubt the danger that identities pose to your organization, you should conduct a simple test.