Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

SirenJack attack allows hackers to remotely activate warning sirens such as the ones used by major cities, military facilities, universities, and industrial sites [Read More]
Hackers protest election-related cyberattacks by hijacking many Cisco switches in Iran and Russia - but do the attacks involve the recently disclosed CVE-2018-0171 vulnerability? [Read More]
AWS launches new tools designed to help users manage firewalls, provision private certificates, and safely store and distribute credentials and other secrets [Read More]
Emerging from stealth mode with $10 million in seed funding, Meta Networks offers a secure software-defined virtual private network aimed at redefining the concept of distributed, cloud-employing corporate networks. [Read More]
Axonius emerges from stealth mode with a platform that leverages existing security and management tools to provide complete visibility and help secure devices [Read More]
Canadian advertising and software development firm AggregateIQ denies ties to controversial Cambridge Analytica, but leaked source code suggests otherwise [Read More]
Enjoy this on demand webinar to learn the most effective way to discover, manage, secure and enforce local admin accounts. [Read More]
Firefox does a poor job at securing stored passwords even if the user has set up a master password, a software developer claims. [Read More]
Russia-linked cyberspy group Dragonfly compromised a Cisco router and abused it to harvest credentials later used to hack energy companies in the UK [Read More]
An unnamed energy firm in the U.S. has been fined $2.7 million over a data security incident that exposed critical cyber assets [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Travis Greene's picture
Closing the gaps in credential security requires awareness of what gaps exist and how to mitigate them.
Torsten George's picture
Implementing machine learning in the context of access control can help organizations reduce their reliance on passwords, and potentially get rid of them altogether.
Torsten George's picture
To limit exposure to privileged credential attacks, organizations need to rethink their enterprise security strategy and move to an identity-centric approach based on a Zero Trust model.
Marc Solomon's picture
How do you determine the amount and mix of data that’s “just right” for your organization? To answer this question it helps to understand what’s driving the need for data in the first place.
Markus Jakobsson's picture
While 2FA is a big step above and beyond the use of traditional passwords, it is not infallible, and thinking so makes the risk of failure even greater.
Preston Hogue's picture
Even the most knowledgeable users — the very CISOs and security professionals who may be reading this article — can be duped into taking the bait.
Alastair Paterson's picture
By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.
Travis Greene's picture
Having served aboard the USS Carl Vinson in the late 1990s, I can assure you that the World War II slogan, “loose lips sink ships” is still very much a part of Navy life.
Scott Simkin's picture
Training employees to be aware of credential-based attacks and how to avoid them, as well as adopting the right prevention-based measures, can have a material impact on stopping a common and effective attack techniques.
David Holmes's picture
What are the possible threat vectors if you were doing a threat model assessment for any of cloud passwords management models?