Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Citrix said hackers had access to its network for five months and they may have stolen names, SSNs and financial information relating to current and former employees. [Read More]
A majority of the 2020 US presidential campaigns are vulnerable to sophisticated email attacks, according to a study conducted by email security firm Agari. [Read More]
An unprotected database belonging to an unidentified organization stored information on 80 million US households. [Read More]
Vulnerabilities in the iLnkP2P implementation of P2P expose millions of cameras and other IoT devices to remote attacks from the Internet, and no patches are available. [Read More]
Microsoft announced a series of changes to the security baseline in Windows 10, including the removal of the password-expiration policy from the platform. [Read More]
The UK's National Cyber Security Centre (NCSC) believes that if defenders automatically block the most common passwords, then hacking will be made more difficult. [Read More]
Google will soon block login attempts from embedded browser frameworks such as the Chromium Embedded Framework (CEF) to prevent MitM phishing attacks. [Read More]
Hackers breached Microsoft email services (Outlook.com, Hotmail, MSN) and accessed user accounts after compromising a support agent’s credentials. [Read More]
A series of vulnerabilities found in the WPA3 protocol, dubbed Dragonblood, can be exploited to obtain the password of a Wi-Fi network. [Read More]
An analysis of the reservation systems used by 1,500 hotels revealed that over two-thirds expose user information and allow attackers to cancel bookings. [Read More]
- 1 of 62
- ››
FEATURES, INSIGHTS // Identity & Access
The debate about the deprecation of SMS as an authentication system is less about the agreed-upon insecurity of SMS and more about what can replace it. SMS survives because of its ubiquity, period.
Shifting traditional perimeter-based enterprise security strategies to a Zero Trust approach provides more robust prevention, detection, and incident response capabilities to protect continuously expanding attack surfaces.
The anatomy of a hack has been glorified and led to the common belief that data breaches typically exploit zero-day vulnerabilities and require a tremendous amount of code sophistication.
It’s important for IT security teams to understand the slight, but potentially significant difference between MFA and two-factor (2FA) authentication.
Since multi-factor authentication requires several elements for identity verification, it’s one of the best ways to prevent unauthorized users from accessing sensitive data and moving laterally within the network.
While implementing Zero Trust is a journey that cannot be achieved over night, it also doesn’t require a complete redesign of existing network architectures.
With 2019 just around the corner, organizations should examine their overall cyber security and identity management strategies and align them to address the #1 cause of today’s data breach — privileged access abuse.
A Consumer Identity and Access Management (CIAM) approach can help your security organization gain a reputation as a business partner that drives heightened user experiences and business competitiveness.
Instead of relying solely on passwords, security professionals should consider implementing a Zero Trust approach to identity and access management based on the following best practices.
The Reddit data breach illustrates the importance of rolling out an approach designed to verify the user, validate their device, limit access and privilege, and learn and adapt to new risks.
- 1 of 8
- ››
SecurityWeek Daily Briefing
- Researcher Drops Windows 10 Zero-Day Exploit
- Google Warns G Suite Customers of Passwords Stored Unhashed Since 2005
- Firefox Now Has Fingerprinting and Crypto-mining Protection
- Attack Combines Phishing, Steganography, PowerShell to Deliver Malware
- Guardicore Raises $60 Million in Series C Funding
- Satan Ransomware Expands Portfolio of Exploits
- Poor Security Hygiene Found Across Almost All Political Parties in US, Europe
- Microsoft Adds Live Response Capabilities to Defender ATP
- Identity Management Firm Auth0 Raises $103 Million
- US Warns Chinese Drones May Steal Data: Report
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy