Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

GitHub tells some users to reset their passwords after a bug caused internal logs to record passwords in plaintext [Read More]
Microsoft unveils Trusted Cyber Physical Systems (TCPS), a new solution designed to protect critical infrastructure and other industrial systems against cyber threats [Read More]
Mozilla informs users that the upcoming Firefox 60 will introduce support for the same-site cookie attribute to protect against CSRF attacks [Read More]
Researchers claim hackers can remotely exploit an unpatched command injection vulnerability to take control of LG NAS devices [Read More]
Google this week announced that iOS users can now receive Google prompts via their Gmail application. [Read More]
Vast majority of the exhibitors at the RSA Conference have not implemented DMARC on their primary domains, opening the door to fraudulent and fake emails [Read More]
Cisco Talos researchers find 17 vulnerabilities in Moxa industrial routers, including many high severity command injection and DoS flaws [Read More]
Web browsers from Google, Microsoft, and Mozilla will soon provide users with a new, passwordless authentication standard that is currently in final approval stages [Read More]
SirenJack attack allows hackers to remotely activate warning sirens such as the ones used by major cities, military facilities, universities, and industrial sites [Read More]
Hackers protest election-related cyberattacks by hijacking many Cisco switches in Iran and Russia - but do the attacks involve the recently disclosed CVE-2018-0171 vulnerability? [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

David Holmes's picture
What are the possible threat vectors if you were doing a threat model assessment for any of cloud passwords management models?
Rafal Los's picture
If you’re tired of changing your passwords using complex formulas you’ll never remember and have found yourself wondering just what your corporate security team is thinking, this post is for you.
David Holmes's picture
Password proliferation is bad, for many, many, many reasons. But the worst reason is that people tend to re-use passwords all over the place.
Travis Greene's picture
Two-factor authentication (2FA) is becoming more mainstream for businesses; however, businesses need to consider how 2FA should be implemented to maintain both external and internal control.
Travis Greene's picture
As the demand for identity governance in Asian companies grows, the key differentiator is that it’s going to come from a need to reduce risk.
Travis Greene's picture
While Identity and access management (IAM) is a mature discipline supporting internal employee access to applications, what is the future of IAM in support of end customer interactions?
Travis Greene's picture
Like all security measures, MFA is not an instant fix to safeguard credentials. But, understanding the risks of MFA limitations is the first step towards mitigation.
Travis Greene's picture
Passwords really are that bad, and we now have another mandate to address this ongoing issue, or, the so-called elephant in the room: The growing push for multi-factor authentication.
Travis Greene's picture
When big stories like the release of the Panama Papers breaks, it is an opportunity to self-evaluate what level of risk your organization could be exposed to.
Rafal Los's picture
Attackers are exploiting issues in corporate identity stores with greater frequency. If you doubt the danger that identities pose to your organization, you should conduct a simple test.