Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Cybersecurity company Fortinet has acquired Secure Access Service Edge (SASE) cloud provider OPAQ Networks. [Read More]
Mozilla is the latest browser maker to have announced updated policies that would reduce the lifetime of TLS certificates. [Read More]
Cyberattack simulation company XM Cyber has raised $17 million in a Series B funding round, which brings the total raised to $49 million. [Read More]
Digital Shadows has found over 15 billion username and password combinations offered on cybercrime marketplaces, including more than 5 billion unique credentials. [Read More]
The NSA has published a series of recommendations on how to properly configure IP Security (IPsec) VPNs. [Read More]
An Elasticsearch database pertaining to e-learning platform OneClass was found to expose data on over one million students and lecturers. [Read More]
Companies believe strong authentication is important, but they still over-rely on passwords and allow their employees to access corporate resources via social media credentials. [Read More]
Twitter has informed business users that their billing information may have been exposed through their web browser’s cache. [Read More]
Microsoft has announced improved identity and access management protections for AccountGuard users in the United States, ahead of the 2020 elections. [Read More]
Zoom announced that it will offer end-to-end encryption to free users as long as they provide a phone number to verify their account. [Read More]
- 1 of 75
- ››
FEATURES, INSIGHTS // Identity & Access
The tactics, techniques, and procedures (TTPs) used in the Twitter attack were not much different than in the majority of other data breaches and serve as valuable lessons for designing a modern cyber defense strategy.
Let’s look at some real-world examples of the identity management challenges remote work is creating, and at what it means to rethink identity governance and lifecycle to meet those challenges.
The integration of identity with security is still work in progress, with less than half of businesses having fully implemented key identity-related access controls according to a research study.
Today’s economic climate exacerbates risks of insider threats, as pending furloughs or pay cuts may tempt employees to exfiltrate data to secure a new job, make up for income losses, etc.
With IT budgets being cut back in response to the economic contraction caused by the current health crisis, security teams need to deliver more with less.
Static passwords lack the ability to verify whether the user accessing data is authentic or just someone who bought a compromised password.
If there’s one thing you can be sure of about user authentication methods today, it’s that determining the best choice isn’t as simple or straightforward as it used to be.
As the technology and tools to leverage stolen credentials advance, defenders should seek out innovative new ways to proactively flag exposed passwords leveraging insights gleaned from illicit communities and open-web dumps.
As the workforce continues to evolve, a one-size-fits-all approach won’t work for different identity and access management needs across organizations.
Perimeter-based security, which focuses on securing endpoints, firewalls, and networks, provides no protection against identity- and credential-based threats.
- 1 of 10
- ››
Get the Daily Briefing
- Chinese Researchers Show How They Remotely Hacked a Mercedes-Benz
- TikTok and WeChat: Chinese Apps Dogged by Security Fears
- Trump Bans Dealings With Chinese Owners of TikTok, WeChat
- Qualcomm, MediaTek Wi-Fi Chips Vulnerable to Kr00k-Like Attacks
- Capital One Fined $80 Million in Data Breach
- Researchers Revive 'Foreshadow' Attack by Extending It Beyond L1 Cache
- Intel Investigating Data Leak of Technical Documents, Tools
- US Senate Votes to Ban TikTok on Government Phones
- Twitter Moves to Reduce Reach of 'State-affiliated' Media
- The Integration Imperative for Security Vendors
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy