Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Security researchers at Rapid7 discover multiple vulnerabilities in Sigma Spectrum infusion pump battery units, including the storing of WiFi credentials on non-volatile memory. [Read More]
Forty-one cybersecurity-related M&A deals were announced in August 2022. [Read More]
Cymulate, a late-stage Israeli startup in the breach and attack simulation space, has now raised a total of $141 million in venture capital financing. [Read More]
Zyxel has released patches for a format string vulnerability impacting the firmware of multiple NAS device models. [Read More]
A group of academic researchers have designed an open source Node.js vulnerability hunting tool that has already identified 180 security flaws. [Read More]
Okta has a standard process that can be misused by an attacker to impersonate another existing user. [Read More]
Atlassian said the vulnerability carries a CVSS severity score of 9.9 out of 10 and can be exploited remotely to launch code execution attacks. [Read More]
Password management software firm LastPass has suffered a data breach that led to the theft of source code and proprietary technical information. [Read More]
Texas startup BalkanID scores additional financing for technology in the Identity Governance and Administration (IGA) space. [Read More]
Streaming media startup Plex is scrambling to reset user passwords after a database hack that included the theft of emails, usernames, and encrypted passwords. [Read More]
FEATURES, INSIGHTS // Identity & Access
The tactics, techniques, and procedures (TTPs) used in the Twitter attack were not much different than in the majority of other data breaches and serve as valuable lessons for designing a modern cyber defense strategy.
Let’s look at some real-world examples of the identity management challenges remote work is creating, and at what it means to rethink identity governance and lifecycle to meet those challenges.
The integration of identity with security is still work in progress, with less than half of businesses having fully implemented key identity-related access controls according to a research study.
Today’s economic climate exacerbates risks of insider threats, as pending furloughs or pay cuts may tempt employees to exfiltrate data to secure a new job, make up for income losses, etc.
With IT budgets being cut back in response to the economic contraction caused by the current health crisis, security teams need to deliver more with less.
Static passwords lack the ability to verify whether the user accessing data is authentic or just someone who bought a compromised password.
If there’s one thing you can be sure of about user authentication methods today, it’s that determining the best choice isn’t as simple or straightforward as it used to be.
As the technology and tools to leverage stolen credentials advance, defenders should seek out innovative new ways to proactively flag exposed passwords leveraging insights gleaned from illicit communities and open-web dumps.
As the workforce continues to evolve, a one-size-fits-all approach won’t work for different identity and access management needs across organizations.
Perimeter-based security, which focuses on securing endpoints, firewalls, and networks, provides no protection against identity- and credential-based threats.
Get the Daily Briefing
- Russia Gives Citizenship to Ex-NSA Contractor Edward Snowden
- Ukraine Says Russia Planning 'Massive Cyberattacks' on Critical Infrastructure
- Hackers Leak French Hospital Patient Data in Ransom Fight
- Australia Mulls Tougher Cybersecurity Laws After Data Breach
- Breached American Airlines Email Accounts Abused for Phishing
- UK Teen Arrested Over Rockstar Games, Uber Hacks
- Ukraine Cracks Down on Group Selling Hacked Accounts to Pro-Russia Propagandists
- Microsoft Dismantles Spam Campaign Abusing OAuth Applications
- Hacktivist Attacks Show Ease of Hacking Industrial Control Systems
- Sophos Firewall Zero-Day Exploited in Attacks on South Asian Organizations
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy