Manually managing identity-related tasks can be very costly in terms of administrative inefficiencies and productivity losses. Additionally, a litany of manual tasks can lead to rubberstamping and data breaches.
How can banks and the financial services modernize their identity strategy while lowering costs and...
Manually trying to meet compliance often results in time-consuming, costly, and error-prone tasks that ultimately increase risk of non-compliance. Also, without a clear view of user access and an effective system to govern and manage that access, organizations struggle to determine their compliance status. But there's...
Healthcare heroes deserve frictionless access to applications and data they need do their jobs. Onboarding delays due to manual provisioning can drain precious time and jeopardize patient care.
Download this eBook to uncover what hospitals and healthcare organizations can do to prevent clinician access delays, reduce...
Tech and security analysts predict enterprises will shift to passwordless authentication for users to enable modern digital transformation. This is mainly prompted by the problems that have plagued passwords: they’re costly and burdensome to manage; they cause poor user experiences; and they are easily...
Hackers are exploiting OAuth applications to compromise user accounts, manipulate and confer elevated privileges, and set up cryptomining operations, which has cost some organizations up to $1.5 million in losses, according to Microsoft's Threat Intelligence team.
The cybersecurity landscape is structured like Swiss cheese - fragmented and full of vulnerabilities. This complex, ever-evolving environment requires a multifaceted approach to address gaps and a specific focus on data security and identity protection, said Maxine Holt, senior director at Omdia.
Okta has paused product development and internal projects for 90 days to beef up its security architecture and operations for applications, hardware and third-party vendors. Okta will move to strengthen its cyber posture, including a security action plan and engaging with third-party cyber firms.
Identity and authentication giant Okta said the attacker behind its September data breach stole usernames and contact details for all users of its primary customer support system and warned customers to beware potential follow-on phishing and social engineering attacks.
Days after announcing a security compromise, cloud-based identity and authentication management provider Okta said that an unknown threat actor had accessed files of 134 customers after an employee signed in to a personal Google profile on the Chrome browser of an Okta-managed laptop.
Stolen and compromised credentials continue to be the crux of major health data security incidents involving cloud environments. But stronger credential management practices and a focused approach to "least privilege engineering" would help, said Taylor Lehmann of Google Cloud.
Social media single sign-on standard OAuth has an implementation weakness that hackers could exploit to obtain unauthorized access, say researchers. "We expect that 1,000s of other websites are vulnerable to the attack," wrote Salt Security, "putting billions of additional internet users at risk."
Widely used password management software provider 1Password said a hacker breached had one of its systems but failed to steal any sensitive data, after stealing a valid session cookie from the customer support system of its access and identity management provider, Okta.
A breach of Okta's support case management system using a stolen credential allowed attackers to access sensitive files uploaded by the identity security giant's customers. San Francisco-based Okta said the threat actor could view filed uploaded by certain customers as part of recent support cases.
Hotel and casino giant MGM Resorts says the recent hack attack against it cost $110 million in lost revenue and mitigation expenses. The publicly traded company expects to recoup losses and costs to date via cyber insurance. MGM Resorts says that its investigation remains ongoing.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.