Identity & Access

Trouble in Paradise as Cyber Attackers Circumvent 2FA

Two-Factor Authentication (2FA) has for years been one of the very dependable security technologies that was invoked to address high-risk scenarios — whether to safeguard enterprise resources accessed through the firewall, financial accounts, or — for high-value targets — protect each email login.

Markus Jakobsson

September 14, 2017

Written By Markus Jakobsson

Latest News

Click to comment

Webinar: How to Build Resilience Against Emerging Cyber Threats

Thursday, March 16, 2023

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Webinar: Understanding Hidden Third-Party Identity Access Risks

Tuesday, March 28, 2023

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Tackling the Challenge of Actionable Intelligence Through Context

Making threat intelligence actionable requires more than automation; it also requires contextualization and prioritization. (Marc Solomon)

Malware Trends: What’s Old Is Still New

Many of the most successful cybercriminals are shrewd; they want good ROI, but they don’t want to have to reinvent the wheel to get it. (Derek Manky)

Are Encryption and Zero Trust Breaking Key Protections?

Compliance and ZTNA are driving encryption into every aspect of an organization’s network and enterprise and, in turn, forcing us to change how we think about protecting our environments. (Matt Wilson)

How the Best CISOs Drive Operational Resilience

Cyberattacks have exposed a myriad of vulnerabilities in our healthcare infrastructure, and will continue to do so as new and innovative medical technologies are developed. (Galina Antova)

Defeating the Deepfake Danger

Deepfakes are becoming increasingly popular with cybercriminals, and as these technologies become even easier to use, organizations must become even more vigilant. (Derek Manky)

Identity & Access

Cyber Insights 2023 | Zero Trust and Identity and Access Management

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Kevin TownsendFebruary 6, 2023

Identity & Access

Password Dependency: How to Break the Cycle

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Torsten GeorgeJanuary 25, 2023

Application Security

Fortinet Ships Emergency Patch for Already-Exploited VPN Flaw

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Ryan NaraineDecember 12, 2022

Application Security

VMware Patches VM Escape Flaw Exploited at Geekpwn Event

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Ryan NaraineDecember 13, 2022

Application Security

LastPass Says Password Vault Data Stolen in Data Breach

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Ryan NaraineDecember 22, 2022

Application Security

Patch Tuesday: Microsoft Plugs Windows Hole Exploited in Ransomware Attacks

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Ryan NaraineDecember 13, 2022

Application Security

Tesla Returns as Pwn2Own Hacker Takeover Target

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Ryan NaraineJanuary 12, 2023

Identity & Access

Strata Raises $26 Million for Multi-Cloud Identity Management Platform

Strata Identity has raised $26 million in a Series B funding round led by Telstra Ventures, with additional investment from Forgepoint Capital, Innovating Capital,...

Ionut ArghireJanuary 25, 2023

SECURITYWEEK NETWORK:

Security Experts:

SecurityWeek

Identity & Access

Trouble in Paradise as Cyber Attackers Circumvent 2FA

More from Markus Jakobsson

Latest News

Webinar: How to Build Resilience Against Emerging Cyber Threats

Webinar: Understanding Hidden Third-Party Identity Access Risks

Expert Insights

Tackling the Challenge of Actionable Intelligence Through Context

Malware Trends: What’s Old Is Still New

Are Encryption and Zero Trust Breaking Key Protections?

How the Best CISOs Drive Operational Resilience

Defeating the Deepfake Danger

Related Content

Identity & Access

Cyber Insights 2023 | Zero Trust and Identity and Access Management

Identity & Access

Password Dependency: How to Break the Cycle

Application Security

Fortinet Ships Emergency Patch for Already-Exploited VPN Flaw

Application Security

VMware Patches VM Escape Flaw Exploited at Geekpwn Event

Application Security

LastPass Says Password Vault Data Stolen in Data Breach

Application Security

Patch Tuesday: Microsoft Plugs Windows Hole Exploited in Ransomware Attacks

Application Security

Tesla Returns as Pwn2Own Hacker Takeover Target

Identity & Access

Strata Raises $26 Million for Multi-Cloud Identity Management Platform

SECURITYWEEK NETWORK:

Security Experts:

More from Markus Jakobsson

Latest News

Trending

Daily Briefing Newsletter

Webinar: How to Build Resilience Against Emerging Cyber Threats

Webinar: Understanding Hidden Third-Party Identity Access Risks

Expert Insights

Tackling the Challenge of Actionable Intelligence Through Context

Malware Trends: What’s Old Is Still New

Are Encryption and Zero Trust Breaking Key Protections?

How the Best CISOs Drive Operational Resilience

Defeating the Deepfake Danger

Related Content

Identity & Access

Cyber Insights 2023 | Zero Trust and Identity and Access Management

Identity & Access

Password Dependency: How to Break the Cycle

Application Security

Fortinet Ships Emergency Patch for Already-Exploited VPN Flaw

Application Security

VMware Patches VM Escape Flaw Exploited at Geekpwn Event

Application Security

LastPass Says Password Vault Data Stolen in Data Breach

Application Security

Patch Tuesday: Microsoft Plugs Windows Hole Exploited in Ransomware Attacks

Application Security

Tesla Returns as Pwn2Own Hacker Takeover Target

Identity & Access

Strata Raises $26 Million for Multi-Cloud Identity Management Platform