Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Enterprise identity and access management firm Ping Identity has agreed to be acquired by private equity (PE) firm Thoma Bravo for roughly $2.8 billion in cash. [Read More]
VMware patches dangerous security flaw that allows malicious actor with network access to the UI to obtain administrative access without the need to authenticate. [Read More]
Cybersleuths at Microsoft discover a link between the recent ‘Raspberry Robin’ USB-based worm attacks and the notorious EvilCorp ransomware operation. [Read More]
GitHub has announced the general availability of an enhanced login experience for npm accounts, amid an increase in cyber incidents. [Read More]
In testimony before the the US House Intelligence Committee, security pros at Google and Citizen Lab make fresh calls for a wholesale clampdown on problematic commercial spyware vendors. [Read More]
Redmond's security research teams intercept multiple zero-day attacks attributed to DSIRF, a private cyber mercenary firm operating out of Austria. [Read More]
Reports say a Greek lawmaker in the European Parliament was targeted with malicious links trying to plant the Predator spyware program. [Read More]
A major security vulnerability in the open source PrestaShop software is being exploited in the wild and approximately 300,000 merchant shops are at risk. [Read More]
SonicWall ships urgent patches for a critical flaw in its Global Management System (GMS) software, warning that the defect exposes businesses to remote hacker attacks. [Read More]
In the latest Windows 11 insider preview builds, Microsoft has enabled by default an account lockout policy to mitigate RDP and other brute force attacks. [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Laurence Pitt's picture
Defense-in-depth encourages a review of all tools in place, ultimately defining a strategy to use everything available to create a layered security approach between users (or potential attackers) and applications/microservices in use.
John Maddison's picture
Zero-trust network access (ZTNA) simplifies secure connectivity by providing seamless, per-use access to applications, no matter where the user or application may be located.
Torsten George's picture
While there is no silver bullet to prevent cybersecurity attacks, ZTNA has become a necessity for organizations on their digital transformation journey by allowing to minimize the attack surface while ensuring the productivity of remote workers.
Torsten George's picture
As it has become clear that remote/hybrid work is here to stay, IT security practitioners must figure out how to enable a secure and resilient anywhere workforce to minimize their future risk exposure.
William Lin's picture
The most common “new project” in identity nowadays is in Zero Trust. This concept has been evolving for years, and is building controls around an interesting premise: the idea that every resource will one day be internet-facing.
Joshua Goldfarb's picture
Josh Goldfarb debunks the most common myths surrounding fraud, security and user experience.
Torsten George's picture
Domain controllers, Active Directory, and servers are prime reconnaissance targets to hunt for additional privileged credentials and privileged access.
Torsten George's picture
Ultimately, organizations must assume that bad actors are already in their networks. And consumers must realize they’re constant targets.
Torsten George's picture
Today’s dynamic threatscape requires security professionals to adjust to an ever-expanding attack surface.
Torsten George's picture
The tactics, techniques, and procedures (TTPs) used in the Twitter attack were not much different than in the majority of other data breaches and serve as valuable lessons for designing a modern cyber defense strategy.