Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Mozilla says the upcoming Firefox 68 will address TLS errors caused by antiviruses with a new mechanism that automatically changes the configuration of the browser when a MitM error is detected. [Read More]
Kaspersky researchers use vulnerabilities and social engineering to demonstrate that smart homes can be hacked. [Read More]
Poisoned certificates are in the OpenPGP SKS keyserver network after an unknown threat actor targeted the OpenPGP certificates of two high-profile community contributors. [Read More]
TrapX Security, a company providing cyber defense solutions that rely on deception technology, raises $18 million in a Series C funding round. [Read More]
Attunity, a Qlik-owned data integration and big data management company used by half of Fortune 100 firms, exposed at least one terabyte of data through unprotected Amazon S3 buckets. [Read More]
Google announces that G Suite users can now log in on platforms that don’t directly support security keys with security codes generated by their security keys. [Read More]
Researchers have discovered a chain of flaws in EA Games' login process that could allow an attacker to take over the accounts of any or multiple EA gamers. [Read More]
Canada's Desjardins credit union announced Thursday that the personal banking information of 2.9 million customers had been stolen by an employee and distributed to outside parties. [Read More]
Google is making web browsing with Chrome safer with a new option for reporting suspicious websites and a new warning mechanism for sites that use deceptive URLs. [Read More]
Cloudflare releases a new free API designed to help CAs securely issue certificates by ensuring that malicious actors cannot complete the domain control validation process via BGP hijacking and DNS spoofing attacks. [Read More]
- 1 of 64
- ››
FEATURES, INSIGHTS // Identity & Access
Companies should consider moving to a Zero Trust approach, powered by additional security measures such as multi-factor authentication, to stay ahead of the security curve and leave passwords behind for good.
The ultimate goal for identity and access management (IAM) is not to find the unbreakable or “unhackable” code for authentication; rather, it’s to layer security to create a much stronger identity assurance posture.
The debate about the deprecation of SMS as an authentication system is less about the agreed-upon insecurity of SMS and more about what can replace it. SMS survives because of its ubiquity, period.
Shifting traditional perimeter-based enterprise security strategies to a Zero Trust approach provides more robust prevention, detection, and incident response capabilities to protect continuously expanding attack surfaces.
The anatomy of a hack has been glorified and led to the common belief that data breaches typically exploit zero-day vulnerabilities and require a tremendous amount of code sophistication.
It’s important for IT security teams to understand the slight, but potentially significant difference between MFA and two-factor (2FA) authentication.
Since multi-factor authentication requires several elements for identity verification, it’s one of the best ways to prevent unauthorized users from accessing sensitive data and moving laterally within the network.
While implementing Zero Trust is a journey that cannot be achieved over night, it also doesn’t require a complete redesign of existing network architectures.
With 2019 just around the corner, organizations should examine their overall cyber security and identity management strategies and align them to address the #1 cause of today’s data breach — privileged access abuse.
A Consumer Identity and Access Management (CIAM) approach can help your security organization gain a reputation as a business partner that drives heightened user experiences and business competitiveness.
- 1 of 8
- ››
SecurityWeek Daily Briefing
- Enterprises Showing Increasing Backing of Zero Trust Authentication
- Cyberattacks Inflict Deep Harm at Technology-Rich Schools
- Extenbro DNS-Changer Used in Adware Campaign
- Bulgaria Probes Russia-Linked Leak of Taxpayer Data
- Thousands of Legacy Lenovo Storage Devices Exposed Millions of Files
- Russia-linked Hackers Use New Trojans in Recent Attacks
- Security Teams Often Struggle to Get Developers on Board: GitLab Study
- Why We Shouldn't Ignore The Male Majority When Pursuing an Inclusive Workplace
- Symantec Shares Plunge After Reports of Broadcom Deal Stall
- Old Software Makes New Electoral Systems Ripe for Hacking
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy