Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Researcher discovers that Cisco’s CSPC product, which collects information from Cisco devices installed on a network, has a default account that can provide access to unauthorized users. [Read More]
SSL/TLS certificates and related services can be easily acquired from dark web marketplaces, according to an academic study sponsored by Venafi. [Read More]
BlackBerry Cylance, the company that resulted from BlackBerry’s acquisition of Cylance, unveils CylancePERSONA, an endpoint behavioral analytics solution. [Read More]
Armor Scientific emerges from stealth mode with a platform that provides identity and authentication services through a combination of wearables and blockchain-enabled middleware. [Read More]
Tripwire launches Penetration Testing Assessment and Industrial Cybersecurity Assessment services to help organizations find vulnerabilities in their systems. [Read More]
Obsidian Security, an identity protection company led by founders of Cylance and Carbon Black, raises $20 million in a Series B funding round. [Read More]
Many PDF viewers and online validation services contain vulnerabilities that can be exploited to make unauthorized changes to signed PDF documents without invalidating the signature, researchers warn. [Read More]
Android becomes FIDO2 Certified, making it easier for developers to provide passwordless authentication for their Android apps and websites. [Read More]
The Face ID and Touch ID authentication feature introduced recently to WhatsApp for iOS can be easily bypassed, but a patch has been released. [Read More]
Pulse Secure unveils Software Defined Perimeter (SDP) solution designed to help enterprises securely access their applications and resources. [Read More]
- 1 of 60
- ››
FEATURES, INSIGHTS // Identity & Access
It’s important for IT security teams to understand the slight, but potentially significant difference between MFA and two-factor (2FA) authentication.
Since multi-factor authentication requires several elements for identity verification, it’s one of the best ways to prevent unauthorized users from accessing sensitive data and moving laterally within the network.
While implementing Zero Trust is a journey that cannot be achieved over night, it also doesn’t require a complete redesign of existing network architectures.
With 2019 just around the corner, organizations should examine their overall cyber security and identity management strategies and align them to address the #1 cause of today’s data breach — privileged access abuse.
A Consumer Identity and Access Management (CIAM) approach can help your security organization gain a reputation as a business partner that drives heightened user experiences and business competitiveness.
Instead of relying solely on passwords, security professionals should consider implementing a Zero Trust approach to identity and access management based on the following best practices.
The Reddit data breach illustrates the importance of rolling out an approach designed to verify the user, validate their device, limit access and privilege, and learn and adapt to new risks.
Cyber attackers long ago figured out that the easiest way for them to gain access to sensitive data is by compromising an end user’s identity and credentials.
Privileged Access Management (PAM) can monitor and record user activity to offer misuse deterrence by collecting evidence for prosecution, and can provide more detailed compliance reporting than system logs.
It’s imperative that security practitioners acknowledge the often-confusing nature of insider threat, seek to dispel misconceptions, and provide clear, accurate insight whenever possible.
- 1 of 8
- ››
SecurityWeek Daily Briefing
- Pwn2Own 2019: Researchers Win Tesla After Hacking Its Browser
- UK Police Federation Hit by Ransomware
- Russian Hackers Target European Governments Ahead of Elections: FireEye
- Industry Reactions to Norsk Hydro Breach: Feedback Friday
- Microsoft Launches Defender ATP Endpoint Security for macOS
- D.C. Attorney General Introduces New Data Security Bill
- Observations From RSA Conference 2019
- Researchers Earn $270,000 for Firefox, Edge Hacks at Pwn2Own 2019
- Threat Hunting Tips to Improve Security Operations
- Global Security Spend Set to Grow to $133.8 Billion by 2022: IDC
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy