Twilio has been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that were then used to steal third-party customer data. [Read More]
Texas startup Ghost Security emerged from stealth this week with $15 million in investments from 468 Capital, DNX Ventures, and Munich Re Ventures. [Read More]
RegScale scores $20 million in early-stage capital from SYN Ventures, SineWave Ventures, VIPC’s Virginia Venture Partners and SecureOctane. [Read More]
The cryptocurrency division of Robinhood has been slapped with a $30 million penalty for "significant violations" of New York state's cybersecurity and money laundering regulations. [Read More]
Enterprise identity and access management firm Ping Identity has agreed to be acquired by private equity (PE) firm Thoma Bravo for roughly $2.8 billion in cash. [Read More]
VMware patches dangerous security flaw that allows malicious actor with network access to the UI to obtain administrative access without the need to authenticate. [Read More]
Cybersleuths at Microsoft discover a link between the recent ‘Raspberry Robin’ USB-based worm attacks and the notorious EvilCorp ransomware operation. [Read More]
Defense-in-depth encourages a review of all tools in place, ultimately defining a strategy to use everything available to create a layered security approach between users (or potential attackers) and applications/microservices in use.
Zero-trust network access (ZTNA) simplifies secure connectivity by providing seamless, per-use access to applications, no matter where the user or application may be located.
While there is no silver bullet to prevent cybersecurity attacks, ZTNA has become a necessity for organizations on their digital transformation journey by allowing to minimize the attack surface while ensuring the productivity of remote workers.
As it has become clear that remote/hybrid work is here to stay, IT security practitioners must figure out how to enable a secure and resilient anywhere workforce to minimize their future risk exposure.
The most common “new project” in identity nowadays is in Zero Trust. This concept has been evolving for years, and is building controls around an interesting premise: the idea that every resource will one day be internet-facing.
Domain controllers, Active Directory, and servers are prime reconnaissance targets to hunt for additional privileged credentials and privileged access.
The tactics, techniques, and procedures (TTPs) used in the Twitter attack were not much different than in the majority of other data breaches and serve as valuable lessons for designing a modern cyber defense strategy.