Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Study conducted by Positive Technologies shows that industrial networks are often easy to hack from corporate systems [Read More]
Unpatched vulnerabilities expose more than one million GPON home routers made by Dasan to remote hacking. Dasan routers are known to be targeted by cybercriminals [Read More]
GitHub tells some users to reset their passwords after a bug caused internal logs to record passwords in plaintext [Read More]
Microsoft unveils Trusted Cyber Physical Systems (TCPS), a new solution designed to protect critical infrastructure and other industrial systems against cyber threats [Read More]
Mozilla informs users that the upcoming Firefox 60 will introduce support for the same-site cookie attribute to protect against CSRF attacks [Read More]
Researchers claim hackers can remotely exploit an unpatched command injection vulnerability to take control of LG NAS devices [Read More]
Google this week announced that iOS users can now receive Google prompts via their Gmail application. [Read More]
Vast majority of the exhibitors at the RSA Conference have not implemented DMARC on their primary domains, opening the door to fraudulent and fake emails [Read More]
Cisco Talos researchers find 17 vulnerabilities in Moxa industrial routers, including many high severity command injection and DoS flaws [Read More]
Web browsers from Google, Microsoft, and Mozilla will soon provide users with a new, passwordless authentication standard that is currently in final approval stages [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

David Holmes's picture
There’s a popular attack vector among brute-force attackers right now that takes advantage of the 90-day password expirations commonly used by enterprises.
Travis Greene's picture
Closing the gaps in credential security requires awareness of what gaps exist and how to mitigate them.
Torsten George's picture
Implementing machine learning in the context of access control can help organizations reduce their reliance on passwords, and potentially get rid of them altogether.
Torsten George's picture
To limit exposure to privileged credential attacks, organizations need to rethink their enterprise security strategy and move to an identity-centric approach based on a Zero Trust model.
Marc Solomon's picture
How do you determine the amount and mix of data that’s “just right” for your organization? To answer this question it helps to understand what’s driving the need for data in the first place.
Markus Jakobsson's picture
While 2FA is a big step above and beyond the use of traditional passwords, it is not infallible, and thinking so makes the risk of failure even greater.
Preston Hogue's picture
Even the most knowledgeable users — the very CISOs and security professionals who may be reading this article — can be duped into taking the bait.
Alastair Paterson's picture
By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.
Travis Greene's picture
Having served aboard the USS Carl Vinson in the late 1990s, I can assure you that the World War II slogan, “loose lips sink ships” is still very much a part of Navy life.
Scott Simkin's picture
Training employees to be aware of credential-based attacks and how to avoid them, as well as adopting the right prevention-based measures, can have a material impact on stopping a common and effective attack techniques.