Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Netgear warns that an attacker on the same network as a vulnerable device could intercept and manipulate router traffic to execute code as root. [Read More]
VMware releases an urgent security patch for a flaw in its vCenter Server product and warned users to expect public exploit code within minutes of disclosure. [Read More]
Cisco Talos researchers say the backdoor is installed as a service and constantly contacts its command and control (C&C) to receive commands. [Read More]
The company plans to invest in R&D and personnel, to meet demand for its cloud-based identity solution. [Read More]
The iOS 15 makeover also includes patches for at least 22 documented security vulnerabilities, some serious enough to expose iPhone and iPad users to arbitrary code execution attacks. [Read More]
Endpoint security platform Kolide gets a fresh round of capital from venture capital investors. [Read More]
Google announced plans to support the Open Source Technology Improvement Fund in launching its Managed Audit Program to review critical open source projects. [Read More]
Microsoft tells owners of consumer accounts that they can now go completely passwordless and delete their password from their account. [Read More]
In addition to one-on-one phone call encryption, Zoom announces Verified Identity and a Bring Your Own Key (BYOK) offering. [Read More]
The patch comes exactly one week after the Redmond, Wash. software giant acknowledged the CVE-2021-40444 security defect and confirmed the existence of in-the-wild exploitation via booby-trapped Microsoft Office documents. [Read More]
- 1 of 100
- ››
FEATURES, INSIGHTS // Identity & Access
As it has become clear that remote/hybrid work is here to stay, IT security practitioners must figure out how to enable a secure and resilient anywhere workforce to minimize their future risk exposure.
The most common “new project” in identity nowadays is in Zero Trust. This concept has been evolving for years, and is building controls around an interesting premise: the idea that every resource will one day be internet-facing.
Josh Goldfarb debunks the most common myths surrounding fraud, security and user experience.
Domain controllers, Active Directory, and servers are prime reconnaissance targets to hunt for additional privileged credentials and privileged access.
Ultimately, organizations must assume that bad actors are already in their networks. And consumers must realize they’re constant targets.
Today’s dynamic threatscape requires security professionals to adjust to an ever-expanding attack surface.
The tactics, techniques, and procedures (TTPs) used in the Twitter attack were not much different than in the majority of other data breaches and serve as valuable lessons for designing a modern cyber defense strategy.
Let’s look at some real-world examples of the identity management challenges remote work is creating, and at what it means to rethink identity governance and lifecycle to meet those challenges.
The integration of identity with security is still work in progress, with less than half of businesses having fully implemented key identity-related access controls according to a research study.
Today’s economic climate exacerbates risks of insider threats, as pending furloughs or pay cuts may tempt employees to exfiltrate data to secure a new job, make up for income losses, etc.
- 1 of 10
- ››
Get the Daily Briefing
- States at Disadvantage in Race to Recruit Cybersecurity Pros
- EU Denounces Alleged Russian Hacking Ahead of German Vote
- FamousSparrow Cyberspies Exploit ProxyLogon in Attacks on Governments, Hotels
- Google Says Threat Actors Using New Code Signing Tricks to Evade Detection
- SonicWall Patches Critical Vulnerability in SMA Appliances
- LG to Acquire Vehicle Cybersecurity Firm Cybellum
- CISA Opens IPv6 Guidance to Public Feedback
- Port of Houston Target of Suspected Nation-State Hack
- F5 to Acquire Threat Stack for $68 Million in Cash
- Working Securely From Anywhere With Zero Trust
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy