Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

In an SEC filing, North American trucking and freight transportation logistics giant Forward Air Corporation said a December 2020 ransomware attack led to loss of revenues in the range of $7.5 million. [Read More]
TPG will acquire a majority stake in Centrify from Thoma Bravo. Terms of the deal were not disclosed. [Read More]
Law enforcement authorities in the U.S. and Europe have seized the dark web sites associated with the NetWalker ransomware operations and also charged a Canadian national in relation to the malware. [Read More]
Qualys researchers discover a major security hole in the well-known Sudo utility. [Read More]
The open-source browser cracks down on cross-site tracking by isolating network connections and caches to the website currently visited. [Read More]
Apple confirmed that malicious hackers are exploiting serious security flaws in its flagship iOS and iPad OS platforms. Details are scant. [Read More]
Google says it’s making progress on plans to revamp Chrome user tracking technology aimed at improving privacy even as it faces challenges from regulators and officials. [Read More]
Google warned about a “government-backed entity based in North Korea” targeting security researchers with social engineering attacks and drive-by browser exploits from booby-trapped websites. [Read More]
Axiad, a provider of a cloud-based passwordless authentication solutions, has raised $20 million in growth funding from private equity firm Invictus Growth Partners. [Read More]
Unprotected Windows RDP servers have been abused to amplify DDoS attacks, with observed attacks ranging between 20 and 750 Gbps. [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Josh Lefkowitz's picture
As the technology and tools to leverage stolen credentials advance, defenders should seek out innovative new ways to proactively flag exposed passwords leveraging insights gleaned from illicit communities and open-web dumps.
Jim Ducharme's picture
As the workforce continues to evolve, a one-size-fits-all approach won’t work for different identity and access management needs across organizations.
Torsten George's picture
Perimeter-based security, which focuses on securing endpoints, firewalls, and networks, provides no protection against identity- and credential-based threats.
Joshua Goldfarb's picture
Change may not always be on the docket, but when it is, how can we embrace it, understand it, and work to create a constructive environment around it?
Jim Ducharme's picture
In just about every case of digital identity, there seems to be a set of credential recovery mechanisms that are weaker than the authentication method itself.
Torsten George's picture
Organizations should recognize that not all authenticators are equally vulnerable to the mechanisms used to break the trust chain, which range from simple guesswork to coercion.
Jim Ducharme's picture
Now is the time to evaluate what methods of authentication will best serve your organization on the path to a passwordless future.
Jim Ducharme's picture
If you want to succeed with FIDO, you have to be ready. Now is the time to assess your organization’s authentication needs, how they are evolving, and the dynamics of your user population.
Jim Ducharme's picture
It’s time to address some myths about how facial recognition works, to help increase consumer comfort with biometric-authentication technology.
Torsten George's picture
Companies should consider moving to a Zero Trust approach, powered by additional security measures such as multi-factor authentication, to stay ahead of the security curve and leave passwords behind for good.