With perimeter-focused architectures quickly becoming irrelevant, enterprises are looking toward identity-focused security measures to protect new “perimeterless” networks and new forms of working.
Identity Security for Dummies is a primer on securing digital identities across the enterprise.
In today’s digital environment, any digital identity — whether customer, remote worker, third-party vendor, device or application — can become privileged under certain conditions, creating an attack path to your most valuable assets.
Unrestricted cloud console access, excessive cloud entitlements, embedded...
In the past two years, the world experienced a significant shift in how many people work and transact business online. Digital identities used to connect remote workers suddenly became an even greater security target for attackers. Almost overnight, workplace trends from the last several years collided to create a new...
Cloud video conferencing provider Zoom has released patches for multiple vulnerabilities in its product that could have allowed criminals to intercept data from meetings and attack customer infrastructure.
Federal authorities have issued alerts about security vulnerabilities identified in medical device products from manufacturers Siemens and Philips. The two advisories cover 13 flaws in Siemens' Nucleus Real-Time Operating System TCP/IP stack and three issues in certain Philips MRI products.
The top cybercrime threats facing organizations in Europe and beyond include ransomware affiliate programs, more sophisticated mobile malware and cryptocurrency-hawking investment fraud, among other types of crime, according to Europol's latest Internet Organized Crime Threat Assessment.
The latest edition of the ISMG Security Report features an analysis of the progress made by law enforcement agencies in the effort to crack down on ransomware. Also featured: Evil Corp banking malware still active; XDR market trends.
Cyber attacks happen — that’s a static fact of today’s cyber-fueled world. What isn’t static is how and where these attacks happen. Opportunities for attackers abound as networks grow more complex and orgs migrate (or come to life) in the cloud. Today’s attackers can spend months hiding in an environment,...
The U.S. has joined an 80-nation agreement that sets collective goals for cyberspace, with a particular focus on internet integrity, electoral security, intellectual property theft, use of malign hacking tools and more. Vice President Kamala Harris confirmed U.S. entry into the multistate pact.
New Jersey state regulators have smacked two vendors with a hefty financial settlement and corrective action plan for their involvement in a 2016 printing and mailing mishap that compromised the health information of nearly 56,000 residents.
Vulnerabilities in Apple Pay, Samsung Pay and Google Pay allow attackers to make unlimited purchases using stolen smartphones enabled with express transport schemes, according to a research report from Positive Technologies. These findings were presented at Black Hat Europe this week.
CyberEdBoad excutive member Alan Ng of China Taiping Insurance, Singapore, explains the enterprise risk management strategy for the pandemic era and how the Distributed, Immutable and Ephemeral triad works with the Confidentiality, Integrity and Availability triad to make organizations more secure.
Multi-factor authentication is defined as two out of the three categories of knowledge, possession, and inherence
factors. For example, a password plus SMS OTP would be a combination of knowledge and possession; a
password with biometric would be a combination of knowledge and inherence.
However, there’s also a...
Two thirds of employees now work remotely, and need to be able to access their
work-related apps and data everywhere, anytime, from any device. Enterprises
need a new comprehensive security solution that’s frictionless for end-users yet
protects all web, cloud and on-premises enterprise activity.
The accelerated path to remote work
Around the world, companies and institutions have
had to upscale their virtual private networks (VPNs),
adopt cloud-based workplace applications at record
speed, and make several rapidfire decisions to better
enable their teams. But this sudden transition to remote