Data warehousing platform Snowflake rolled out default MFA - as well as a 14-character password minimum - to shore up security in the wake of a series of cyberattacks in June that hit high-profile customers including Santander Bank, Advance Auto Parts, LA Unified School District and Neiman Marcus.
Authentication requiring stored credentials is not only vulnerable to phishing and other compromises, but using these credentials can also be cumbersome for busy clinicians, said Tina Srivastava, co-founder of Badge, a provider of deviceless, tokenless authentication technology.
An AI-powered virtual care provider's unsecured database allegedly exposed thousands of sensitive mental health and substance abuse treatment records between patients and their counselors on the internet - where they were available to anyone, said the security researcher who discovered the trove.
Companies care deeply about keeping their identities safe. During the past few years, they have invested in identity and access management (IAM) tools at an incredible pace. By 2028, spending on these tools is projected to grow to $34.5 billion.
So why have a staggering 84% experienced an identity-related breach in...
Microsoft's Sherrod DeGrippo delves into the rise of SIM swapping, the role of social engineering in cyberattacks, and the emerging use of AI by threat actors. She emphasizes the need for real multifactor authentication and advanced strategies to counter these evolving threats.
Singapore-based telecom giant Singtel launched the country's first quantum-safe network across its identity and authentication platforms to help enterprises protect data from potential future quantum computing-related threats. The network integrates with Cisco, Fortinet and Nokia solutions.
The Department of Health and Human Services is facing some of the same cloud security problems as the healthcare organizations it regulates: weaknesses in a dozen different cloud security controls and inventories of cloud systems, according to an inspector general's audit report.
The Monetary Authority of Singapore said banks will phase out one-time passwords for bank account logins over the next three months for customers who use digital tokens to authenticate their identity. The move follows a rise in phishing scams that impersonate banks in messages to steal credentials.
In Forrester's 2023 Cybersecurity Threats report, AI applications like ChatGPT are identified as emerging threats. Gartner highlights five major risks associated with generative AI: fabricated information, deepfakes, data privacy, copyright issues, and cybersecurity.
Generative AI poses a significant cybersecurity...
Keith Bergin, vice president of corporate claims at Tokio Marine HCC, explains how cyber insurers evaluate security measures such as MFA and administrative access control, and describes the integration of threat intelligence and pre-breach services to enhance policyholder security.
In the latest weekly update, ISMG editors discussed the fallout from the recent Snowflake breach and its impact on 165 companies and their users, the ongoing challenges in combating online fraud, and takeaways from ISMG's cybersecurity summit in Chicago.
Who's responsible for the data breaches experienced by customers of the data warehousing platform Snowflake due to credential stuffing attacks? While users have security responsibilities, multiple platforms - including Snowflake - have shortcomings they must urgently address.
In the latest weekly update, ISMG editors discussed critical infrastructure security challenges, a report on the 2022 Medibank breach compromising personal data for 10 million people, and Fortinet's acquisition to integrate Lacework's cloud-native security into its Security Fabric and SASE platform.
Generali Poland’s innovative approach to cyber insurance includes an anti-phishing initiative and market education efforts to enhance cyber resilience. Learn how these measures aim to support small and medium-sized businesses in Poland - and bridge the knowledge gap in cybersecurity.
Multifactor authentication is a must-have security defense for repelling outright credential stuffing and password spraying attacks. But no defense is foolproof. Attackers have been refining their tactics for bypassing MFA, including using technology and trickery.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.