Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
A security researcher recently discovered that it is possible to bypass Windows’ User Account Control (UAC) by spoofing the execution path of a file in a trusted directory. [Read More]
A critical vulnerability affecting a GDPR compliance plugin for WordPress has been exploited in the wild [Read More]
Minneapolis-based identity firm Entrust Datacard has acquired Barcelona, Spain firm Safelayer Secure Communications. Financial details were not been disclosed. [Read More]
A default account exposes Cisco Small Business switches to remote attacks. No patch available, but there is a workaround [Read More]
BehavioSec adds new features to Behavioral Biometrics Platform, including global profiling, detection of obfuscated origin, and docker container support [Read More]
Symantec acquires mobile application security firm Appthority and Javelin Networks, a company specializing in Active Directory (AD) security [Read More]
BLEEDINGBIT: Millions of enterprise access points and other network devices may be exposed to remote attacks due to vulnerabilities in Bluetooth Low Energy (BLE) chips made by Texas Instruments [Read More]
Google announces new protections and tools designed to help users secure their account [Read More]
iPhone enthusiast Jose Rodriguez (aka videosdebarraquito) finds new iPhone lockscreen bypass. The latest method abuses the recently introduced Group FaceTime feature [Read More]
Signal unveils “sealed sender,” a new feature designed to protect the identity of a sender [Read More]
FEATURES, INSIGHTS // Identity & Access
How do you determine the amount and mix of data that’s “just right” for your organization? To answer this question it helps to understand what’s driving the need for data in the first place.
While 2FA is a big step above and beyond the use of traditional passwords, it is not infallible, and thinking so makes the risk of failure even greater.
Even the most knowledgeable users — the very CISOs and security professionals who may be reading this article — can be duped into taking the bait.
By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.
Having served aboard the USS Carl Vinson in the late 1990s, I can assure you that the World War II slogan, “loose lips sink ships” is still very much a part of Navy life.
Training employees to be aware of credential-based attacks and how to avoid them, as well as adopting the right prevention-based measures, can have a material impact on stopping a common and effective attack techniques.
What are the possible threat vectors if you were doing a threat model assessment for any of cloud passwords management models?
If you’re tired of changing your passwords using complex formulas you’ll never remember and have found yourself wondering just what your corporate security team is thinking, this post is for you.
Password proliferation is bad, for many, many, many reasons. But the worst reason is that people tend to re-use passwords all over the place.
Two-factor authentication (2FA) is becoming more mainstream for businesses; however, businesses need to consider how 2FA should be implemented to maintain both external and internal control.
SecurityWeek Daily Briefing
- Hertz, Clear Partner to Speed Rentals With Biometric Scans
- Windows Kernel Vulnerability Exploited in Attacks
- Adobe Patches 87 Vulnerabilities in Acrobat Software
- New Exploit Kit Targets SOHO Routers
- House Releases Cybersecurity Strategies Report
- Russian Critical Infrastructure Targeted by Profit-Driven Cybercriminals
- Italian Oil Services Company Saipem Hit by Cyberattack
- Secure Messaging Applications Prone to Session Hijacking
- Google CEO Faces House Grilling on Breach, China Censorship
- Organizations Still Slow to Detect Breaches: CrowdStrike
Copyright © 2018 Wired Business Media. All Rights Reserved. Privacy Policy