Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Citrix warns that the bugs could result in privileged code in a guest virtual machine to crash the host or render it unresponsive. [Read More]
A serious security bug in the 'netmask' npm package leads to misinterpretation of IP addresses. [Read More]
Researchers flag a critical security hole in the official Facebook for WordPress plugin and warn it could be abused for remote code execution attacks. [Read More]
QNAP says weak passwords, the use of default ports, and public network connections render devices vulnerable to brute-force attacks. [Read More]
Solarwinds has shipped a major security update to fix at least four documented security vulnerabilities, including a pair of bugs that be exploited for remote code execution attacks. [Read More]
The FBI warns that the Mamba ransomware is now weaponizing DiskCryptor to encrypt entire drives, including the operating system. [Read More]
Feedzai lands $200 million in funding to build out its AI/ML-based fraud prevention tools for financial services firms. The round was led by KKR. [Read More]
Facebook’s threat intelligence team says it has disrupted a sophisticated Chinese spying team that routinely use iPhone and Android malware to hit journalists, dissidents and activists around the world. [Read More]
The software giant warns that the 'Compact' phishing operation is using several email services to hide the malicious intent of their messages. [Read More]
The open-source Firefox web browser adds a new tracker blocking mechanism in the latest stable channel update. [Read More]
FEATURES, INSIGHTS // Identity & Access
If there’s one thing you can be sure of about user authentication methods today, it’s that determining the best choice isn’t as simple or straightforward as it used to be.
As the technology and tools to leverage stolen credentials advance, defenders should seek out innovative new ways to proactively flag exposed passwords leveraging insights gleaned from illicit communities and open-web dumps.
As the workforce continues to evolve, a one-size-fits-all approach won’t work for different identity and access management needs across organizations.
Perimeter-based security, which focuses on securing endpoints, firewalls, and networks, provides no protection against identity- and credential-based threats.
Change may not always be on the docket, but when it is, how can we embrace it, understand it, and work to create a constructive environment around it?
In just about every case of digital identity, there seems to be a set of credential recovery mechanisms that are weaker than the authentication method itself.
Organizations should recognize that not all authenticators are equally vulnerable to the mechanisms used to break the trust chain, which range from simple guesswork to coercion.
Now is the time to evaluate what methods of authentication will best serve your organization on the path to a passwordless future.
If you want to succeed with FIDO, you have to be ready. Now is the time to assess your organization’s authentication needs, how they are evolving, and the dynamics of your user population.
It’s time to address some myths about how facial recognition works, to help increase consumer comfort with biometric-authentication technology.
Get the Daily Briefing
- Siemens Releases Several Advisories for 'NAME:WRECK' Vulnerabilities
- FBI Agents Secretly Deleted Web Shells From Hacked Microsoft Exchange Servers
- At Least 100 Million Devices Affected by "NAME:WRECK" DNS Flaws in TCP/IP Stacks
- Google Patches More Under-Attack Chome Zero-days
- Swedish Sports Body Hacked by Russians, Officials Say
- Breaches Detected Faster, But Ransomware Surge a Major Factor: FireEye
- MS Patch Tuesday: NSA Reports New Critical Exchange Flaws
- Adobe Patches Critical Code Execution Vulnerabilities in Photoshop, Bridge
- Exploit Released for Critical Vulnerability Affecting QNAP NAS Devices
- CISA Details Malware Found on Hacked Exchange Servers
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy