Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
CrackQ is an intuitive interface for Hashcat served by a REST API and a JavaScript front-end web application for ease of use [Read More]
Twitter users no longer need a phone number to use 2-Factor Authentication (2FA) to secure their accounts, and can now use codes via text messages , mobile security apps, and security keys. [Read More]
Popular password manager 1Password has closed a $200 million Series A round, which the company says is the first outside investment following 14 years of growth and profitability. [Read More]
Ecommerce fraud prevention solutions provider Riskified has raised $165 million in a Series E funding round at a valuation of over $1 billion. [Read More]
In addition to new security tools for Azure, at the Ignite 2019 conference this week, Microsoft announced new capabilities aimed at improving the security of its users across platforms. [Read More]
Bed Bath & Beyond says the accounts of less than 1% of its customers have been hacked in an attack that involved credentials obtained from third-party breaches and password reuse. [Read More]
A new report focuses on stolen credentials belonging to global Fortune 500 organizations, and used machine learning (ML) techniques to clean and verify the collected data. [Read More]
Researchers discovered that Adobe exposed 7.5 million records associated with Creative Cloud customers, including email addresses and other account information. [Read More]
Microsoft this week announced the public preview of a new feature that allows enterprise users to check their Azure Active Directory sign-ins for any unusual activity. [Read More]
The presidential campaign website of Donald Trump exposed information that may have allowed hackers to send out emails on behalf of the organization. [Read More]
FEATURES, INSIGHTS // Identity & Access
The debate about the deprecation of SMS as an authentication system is less about the agreed-upon insecurity of SMS and more about what can replace it. SMS survives because of its ubiquity, period.
Shifting traditional perimeter-based enterprise security strategies to a Zero Trust approach provides more robust prevention, detection, and incident response capabilities to protect continuously expanding attack surfaces.
The anatomy of a hack has been glorified and led to the common belief that data breaches typically exploit zero-day vulnerabilities and require a tremendous amount of code sophistication.
It’s important for IT security teams to understand the slight, but potentially significant difference between MFA and two-factor (2FA) authentication.
Since multi-factor authentication requires several elements for identity verification, it’s one of the best ways to prevent unauthorized users from accessing sensitive data and moving laterally within the network.
While implementing Zero Trust is a journey that cannot be achieved over night, it also doesn’t require a complete redesign of existing network architectures.
With 2019 just around the corner, organizations should examine their overall cyber security and identity management strategies and align them to address the #1 cause of today’s data breach — privileged access abuse.
A Consumer Identity and Access Management (CIAM) approach can help your security organization gain a reputation as a business partner that drives heightened user experiences and business competitiveness.
Instead of relying solely on passwords, security professionals should consider implementing a Zero Trust approach to identity and access management based on the following best practices.
The Reddit data breach illustrates the importance of rolling out an approach designed to verify the user, validate their device, limit access and privilege, and learn and adapt to new risks.
SecurityWeek Daily Briefing
- Facebook Rolls Out Tool Globally to Clear Third-Party Data
- Vulnerability Allowed Attackers to Join Zoom Meetings
- New Snake Ransomware Targets ICS Processes
- Millions of Devices Using LoRaWAN Exposed to Hacker Attacks
- DEF CON China Conference Postponed Amid Coronavirus Outbreak
- Engaging the Attacker Prior to Impact
- AppOmni Raises $10 Million to Help Companies Prevent Cloud Misconfigurations
- Google Halts Publishing of Paid Chrome Extensions Due to Fraud
- UK Approves Restricted Huawei Role in 5G Network
- Cisco Launches Industrial IoT Security Solution
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy