Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Microsoft drops a mega patch batch for February: 56 documented vulnerabilities, 11 rated critical, one under active attack. [Read More]
Following speculation that Microsoft services served as an initial entry point for the SolarWinds hackers, the tech giant has provided some clarifications. [Read More]
In an SEC filing, North American trucking and freight transportation logistics giant Forward Air Corporation said a December 2020 ransomware attack led to loss of revenues in the range of $7.5 million. [Read More]
TPG will acquire a majority stake in Centrify from Thoma Bravo. Terms of the deal were not disclosed. [Read More]
Law enforcement authorities in the U.S. and Europe have seized the dark web sites associated with the NetWalker ransomware operations and also charged a Canadian national in relation to the malware. [Read More]
Qualys researchers discover a major security hole in the well-known Sudo utility. [Read More]
The open-source browser cracks down on cross-site tracking by isolating network connections and caches to the website currently visited. [Read More]
Apple confirmed that malicious hackers are exploiting serious security flaws in its flagship iOS and iPad OS platforms. Details are scant. [Read More]
Google says it’s making progress on plans to revamp Chrome user tracking technology aimed at improving privacy even as it faces challenges from regulators and officials. [Read More]
Google warned about a “government-backed entity based in North Korea” targeting security researchers with social engineering attacks and drive-by browser exploits from booby-trapped websites. [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Torsten George's picture
Domain controllers, Active Directory, and servers are prime reconnaissance targets to hunt for additional privileged credentials and privileged access.
Torsten George's picture
Ultimately, organizations must assume that bad actors are already in their networks. And consumers must realize they’re constant targets.
Torsten George's picture
Today’s dynamic threatscape requires security professionals to adjust to an ever-expanding attack surface.
Torsten George's picture
The tactics, techniques, and procedures (TTPs) used in the Twitter attack were not much different than in the majority of other data breaches and serve as valuable lessons for designing a modern cyber defense strategy.
Jim Ducharme's picture
Let’s look at some real-world examples of the identity management challenges remote work is creating, and at what it means to rethink identity governance and lifecycle to meet those challenges.
Torsten George's picture
The integration of identity with security is still work in progress, with less than half of businesses having fully implemented key identity-related access controls according to a research study.
Torsten George's picture
Today’s economic climate exacerbates risks of insider threats, as pending furloughs or pay cuts may tempt employees to exfiltrate data to secure a new job, make up for income losses, etc.
Torsten George's picture
With IT budgets being cut back in response to the economic contraction caused by the current health crisis, security teams need to deliver more with less.
Torsten George's picture
Static passwords lack the ability to verify whether the user accessing data is authentic or just someone who bought a compromised password.
Jim Ducharme's picture
If there’s one thing you can be sure of about user authentication methods today, it’s that determining the best choice isn’t as simple or straightforward as it used to be.