Researchers from Tenable Security claim they have found what is essentially a skeleton key for an ID and access control system that could open the doors for anyone, plus other less severe but nonetheless zero-day vulnerabilities.
Credential abuse attacks and identity theft incidents are rising, with attackers leveraging botnets to launch coordinated campaigns with high success rates, says Aseem Ahmed of Akamai Technologies, who shares best practices for mitigating the threats.
Uber has been slammed with $1.2 million in fines by U.K. and Dutch privacy regulators for its cover-up of a 2016 data breach for more than a year. The breach exposed millions of drivers' and users' personal details to attackers, whom Uber paid $100,000 in hush money and for a promise to delete the stolen data.
A user identity management system can help improve visibility of data residing in the cloud and improve security, says Deepen Desai, a vice president at Zscaler, a cloud-based information security company.
The Reserve Bank of India's new guidelines on interoperability of prepaid payment instruments will lead to better management of cybersecurity and security audits. But many questions are yet to be answered.
Step away from the social media single sign-on services, cybersecurity experts say, citing numerous privacy and security risks. Instead, they recommend that everyone use password managers to create unique and complex passwords for every site, service or app they use.
Security technology innovations entering the market are getting attached as features to an infrastructure that is fundamentally broken and an enforcement model that cannot operate in real time, says Matthew Moynahan, CEO at Forcepoint.
To transparently identify legitimate users in digital channels, organizations need strong digital identity risk assessment capabilities that examine each user's digital patterns and can more accurately detect potential bad actors, says IBM's Matt Konwiser.
Forty-eight percent of customers drop the products and services
of organizations that have had a publicly-disclosed data breach.
This is but one of the findings of the new 2018 Global State of
Online Digital Trust study commissioned by CA Technologies.
The new research study, developed by Frost and...
U.K. health and beauty retailer Superdrug Stores is warning customers that attackers may have compromised some of their personal information, apparently because they'd reused their credentials on other sites that were hacked. While Superdrug quickly notified victims, it stumbled in three notable ways.
UIDAI, which administers the Aadhaar program, has some simple advice: Avoid behaviors such as what R.S. Sharma, chairman of the Telecom Regulatory Authority in India, did on Saturday, when he tweeted his Aadhaar number.
Early experiments are demonstrating how blockchain, the distributed and immutable ledger behind virtual currencies, potentially could play an important role in identity management, says Avivah Litan, a Gartner Research analyst who will be a featured speaker at ISMG's Security Summit Aug. 14-15 in New York.
This edition of the ISMG Security Report includes an analysis by Executive Editor Matthew J. Schwartz on President Donald Trump's changing views on election meddling, plus an update on voter data being accidently exposed by a robocalling company.