Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Claroty researchers document a series of severe code execution vulnerabilities affecting virtual private network (VPN) solutions relying on OpenVPN. [Read More]
Security response agencies warn the Zoho flaw puts academic institutions, critical infrastructure and defense contractors are at high risk for APT attacks. [Read More]
GoDaddy has been hacked and customer data for some 1.2 million WordPress users were exposed to the attacker for more than three months. [Read More]
The newly discovered Android banking trojan targets international banks and five different cryptocurrency services. [Read More]
Identity verification and identity fraud company GBG is acquiring identity verification and fraud prevention company Acuant for $736 million. [Read More]
Microsoft's threat hunters have caught Iranian threat actors breaking into IT services shops in India and Israel and stealing credentials for downstream software supply chain attacks. [Read More]
Public cloud data protection provider Laminar has emerged from stealth with $32 million in Series A funding led by Insight Partners. [Read More]
Google paid roughly $60,000 in bug bounty rewards to the external security researchers reporting high-severity vulnerabilities in Chrome. [Read More]
Mandiant researchers says narratives used in the Ghostwriter information operations campaign are aligned with Belarusian government interests, suggesting at least partial involvement. [Read More]
Researchers showcase new attack that relies on non-uniform and frequency-based Rowhammer access patterns to bypass Target Row Refresh (TRR) on DDR4 DRAM. [Read More]
FEATURES, INSIGHTS // Identity & Access
The integration of identity with security is still work in progress, with less than half of businesses having fully implemented key identity-related access controls according to a research study.
Today’s economic climate exacerbates risks of insider threats, as pending furloughs or pay cuts may tempt employees to exfiltrate data to secure a new job, make up for income losses, etc.
With IT budgets being cut back in response to the economic contraction caused by the current health crisis, security teams need to deliver more with less.
Static passwords lack the ability to verify whether the user accessing data is authentic or just someone who bought a compromised password.
If there’s one thing you can be sure of about user authentication methods today, it’s that determining the best choice isn’t as simple or straightforward as it used to be.
As the technology and tools to leverage stolen credentials advance, defenders should seek out innovative new ways to proactively flag exposed passwords leveraging insights gleaned from illicit communities and open-web dumps.
As the workforce continues to evolve, a one-size-fits-all approach won’t work for different identity and access management needs across organizations.
Perimeter-based security, which focuses on securing endpoints, firewalls, and networks, provides no protection against identity- and credential-based threats.
Change may not always be on the docket, but when it is, how can we embrace it, understand it, and work to create a constructive environment around it?
In just about every case of digital identity, there seems to be a set of credential recovery mechanisms that are weaker than the authentication method itself.
Get the Daily Briefing
- Fearing Misuse, Israel Tightens Supervision of Cyber Exports
- Video: CISO Fireside Chat With Steve Katz, World's First Known CISO
- Anti-Fraud Bot Protection Firm Kasada Bags $23 Million Investment
- Zoho Confirms New Zero-Day, Ships Exploit Detector
- FBI Warns of Cuba Ransomware Attacks on Critical Infrastructure
- Web Browsers Vulnerable to 14 New Types of XS-Leak Attacks
- Hackers Steal $150 Million Worth of Cryptocurrency From BitMart
- Cyberattack Causes Significant Disruption at Colorado Electric Utility
- Pegasus Maker Probes Reports its Spyware Targeted US Diplomats
- Researchers Find 226 Vulnerabilities in Nine Wi-Fi Routers
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy