A phishing-as-a-service platform that allows cybercriminals to impersonate more than 1,100 domains has over the past half year become one of the most widespread adversary-in-the-middle platforms. Attackers are meeting the rise of multifactor authentication by using tools such as Tycoon 2FA.
Despite advances in endpoint security, Sergei Rousakov, chief security architect at LinkedIn, said the landscape remains complex. He said endpoint tools need to take a more integrated approach that includes identity and device context to truly protect against cybersecurity threats.
The Spanish High Court on Monday sided with the country's data regulator, the Spanish Data Protection Agency, to uphold a three-month ban on OpenAI founder Sam Altman's controversial digital identity and cryptocurrency platform Worldcoin due to privacy concerns.
The rise of public cloud infrastructure and remote work have weakened network-based models of security. The network-first models have been replaced by the tenets of Zero Trust and Least Privilege. A core component of Zero Trust is placing user identity and associated entitlements at the center of security. It is now...
A post-SolarWinds move away from Active Directory Federation Services to Azure AD - now known as Entra ID - didn't necessarily stop hackers from forging single sign-on authentication messages, warn security researchers from Semperis, who unveiled an attack they dub "Silver SAML."
Okta's 90-day push to improve its security architecture and operations after a crippling October 2023 data breach delivered quick results, CEO Todd McKinnon said. Okta over the past quarter reduced credential stuffing attempts and malicious bot traffic for its largest customers by more than 90%.
SSH Communications Security CEO Teemu Tunkelo left the Finnish cybersecurity vendor abruptly Monday after low license sales in late 2023 slowed the company's growth. No reason was given for Tunkelo's departure, which stems from an agreement between the CEO and SSH and will take effect immediately.
Britain's privacy watchdog ordered Serco Leisure, which operates nearly 40 leisure facilities, to cease using facial recognition and fingerprint scanning for clocking employees in and out, saying the company failed to demonstrate such technology was "necessary or proportionate."
The EU’s Network and Information Systems 2 (NIS2) directive is intended to help organizations improve their resilience against cyberattacks. Notably, NIS2 places a key focus on securing critical infrastructure and reducing supply chain risks stemming from third party vendors.
But that’s just a high-level...
The Digital Operational Resilience Act (DORA) is intended to help EU financial sector organizations improve their resilience against cyberattacks. Overall, DORA places a key focus on securing information and communication technology (ICT). The act applies not only to financial firms, but also to third parties that...
In the new The Forrester Wave™ for Privileged Identity Management, Q4 2023, Forrester evaluates the most significant vendors and how they measure up.
Secure every identity with Intelligent Privilege Controls™ technology from CyberArk. Keep your business, its most privileged users and valuable assets secure....
The CyberArk Identity Security Platform secures high-risk cloud operations teams to reduce the risk of breach as they migrate, scale and operate infrastructure and services for internal and customer-facing applications. It unifies security for both system and federated access to long-lived systems, elastic workloads...
In the latest weekly update, Jeremy Grant of Venable LLP joins editors at ISMG to discuss the state of secure identity in 2024, the challenges in developing next-generation remote ID proofing systems, and the potential role generative AI can play in both compromising and protecting identities.
Poor credential management practices hit Australian organizations hard in late 2023, accounting for a majority of cyber incidents affecting millions of people, the Australian Information Commissioner said. Compromised or stolen credentials account for 1 in 4 data breaches.
California privileged access management vendor Delinea announced it will acquire identity governance and administration vendor Fastpath. "We believe privilege, not just identity, is the true security perimeter," said Delinea Chief Product Officer Phil Calvin.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.