Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Google this week announced that Google Authenticator users can now transfer 2-Step Verification (2SV) secrets between devices. [Read More]
An alert sent out this week by CISA reiterates previously issued recommendations on how organizations should properly secure Microsoft Office 365 deployments. [Read More]
Tel Aviv, Israel-based passwordless authentication provider Secret Double Octopus has raised $15 million in a Series B funding round. [Read More]
The number of attacks abusing RDP to compromise corporate environments has increased significantly over the past couple of months. [Read More]
Identity and access management solutions provider ForgeRock has raised $93.5 million in a Series E funding round that it expects to be the last before its IPO. [Read More]
Google this week announced the availability of a cloud-based solution meant to help work-from-home employees securely access enterprise resources. [Read More]
Identity verification and authentication provider Onfido today announced the closing of a $100 million funding round that brings the total raised by the company to date to $200 million. [Read More]
Internet icons Jim Clark and Tom Jermoluk (past founders of Netscape, Silicon Graphics and @Home Network) have launched a phone-resident personal certificate-based authentication and authorization solution that eliminates all passwords. [Read More]
Zoom has promised to improve security and privacy, but an increasing number of organizations have decided to ban the video conferencing application. [Read More]
Cisco has conducted a low-budget research project on bypassing fingerprint authentication and achieved a success rate of 80 percent, but they were unsuccessful against Windows devices. [Read More]
FEATURES, INSIGHTS // Identity & Access
In just about every case of digital identity, there seems to be a set of credential recovery mechanisms that are weaker than the authentication method itself.
Organizations should recognize that not all authenticators are equally vulnerable to the mechanisms used to break the trust chain, which range from simple guesswork to coercion.
Now is the time to evaluate what methods of authentication will best serve your organization on the path to a passwordless future.
If you want to succeed with FIDO, you have to be ready. Now is the time to assess your organization’s authentication needs, how they are evolving, and the dynamics of your user population.
It’s time to address some myths about how facial recognition works, to help increase consumer comfort with biometric-authentication technology.
Companies should consider moving to a Zero Trust approach, powered by additional security measures such as multi-factor authentication, to stay ahead of the security curve and leave passwords behind for good.
The ultimate goal for identity and access management (IAM) is not to find the unbreakable or “unhackable” code for authentication; rather, it’s to layer security to create a much stronger identity assurance posture.
The debate about the deprecation of SMS as an authentication system is less about the agreed-upon insecurity of SMS and more about what can replace it. SMS survives because of its ubiquity, period.
Shifting traditional perimeter-based enterprise security strategies to a Zero Trust approach provides more robust prevention, detection, and incident response capabilities to protect continuously expanding attack surfaces.
The anatomy of a hack has been glorified and led to the common belief that data breaches typically exploit zero-day vulnerabilities and require a tremendous amount of code sophistication.
Get the Daily Briefing
- Google Patches Critical Android Vulnerabilities With July 2020 Updates
- Over 5 Billion Unique Credentials Offered on Cybercrime Marketplaces
- Huawei Urges UK Not to Rush Into 5G Decision
- Magecart Group Hits 570 Websites in Three Years
- Russian BEC Ring Targets Many Multinational Organizations
- Free Tool Enables Recovery of Files Encrypted by ThiefQuest Mac Malware
- Federal Judge Upholds Maine's Strict Internet Privacy Law
- Hackers Find Way to Bypass Mitigation for Exploited BIG-IP Vulnerability
- Cerberus Banking Trojan Delivered via App Hosted on Google Play
- Feds Unseal 2018 Indictment Charging Kazakh Man in Hacks
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy