NEWS & INDUSTRY UPDATES

Key security elements of the iPhone X include ditching the Home key and fingerprint access for facial access, and a new requirement for a passcode to be entered before the iPhone can be connected to an external device.
SEC Consult discloses details of several vulnerabilities affecting IBM InfoSphere DataStage and Information Server
US Energy Department announces $50 million investment in tools and technology to improve resilience and security of energy infrastructure. Over $20 million allocated for cybersecurity
Billions of devices may be exposed to a new and stealthy Bluetooth attack that can be carried out without any user interaction
Smiths Medical Medfusion 4000 wireless syringe infusion pumps affected by serious flaws. Patches coming only next year
Hackers can send inaudible commands to Siri, Google Now, Cortana, Alexa and Audi’s speech recognition system via ultrasound
Hackers are selling phone numbers and email addresses of millions of celebrities and other high profile Instagram users
A former employee of Columbia Sportswear pleaded guilty to intentionally accessing the Columbia Sportswear IT network without authorization.
China has ordered the country's internet platforms to verify users' true identity before letting them post online content, the latest step by authorities to tighten policing of the web.
Vulnerabilities in PoS systems from SAP and other vendors allow hackers to steal payment card data and change prices

FEATURES, INSIGHTS // Identity & Access

Markus Jakobsson: While 2FA is a big step above and beyond the use of traditional passwords, it is not infallible, and thinking so makes the risk of failure even greater.
Preston Hogue: Even the most knowledgeable users — the very CISOs and security professionals who may be reading this article — can be duped into taking the bait.
Alastair Paterson: By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.
Travis Greene: Having served aboard the USS Carl Vinson in the late 1990s, I can assure you that the World War II slogan, “loose lips sink ships” is still very much a part of Navy life.
Scott Simkin: Training employees to be aware of credential-based attacks and how to avoid them, as well as adopting the right prevention-based measures, can have a material impact on stopping a common and effective attack technique.
David Holmes: What are the possible threat vectors if you were doing a threat model assessment for any of the cloud password management models?
Rafal Los: If you’re tired of changing your passwords using complex formulas you’ll never remember and have found yourself wondering just what your corporate security team is thinking, this post is for you.
David Holmes: Password proliferation is bad, for many, many, many reasons. But the worst reason is that people tend to re-use passwords all over the place.
Travis Greene: Two-factor authentication (2FA) is becoming more mainstream for businesses; however, businesses need to consider how 2FA should be implemented to maintain both external and internal control.
Travis Greene: As the demand for identity governance in Asian companies grows, the key differentiator is that it’s going to come from a need to reduce risk.