One of the largest fines to date for violating the EU's General Data Protection Regulation has been announced by Germany's federal privacy and data protection watchdog, the BfDI, against 1 & 1 Telecommunications, in part for inadequate authentication mechanisms. The company plans to appeal.
Twitter users no longer have to supply a phone number in order to use two-step verification for authentication. The move will better protect accounts from SIM hijacking attempts and also means users don't have to sacrifice some of their privacy to enable a security feature.
The latest edition of the ISMG Security Report offers an in-depth analysis of how to prevent data exposure in the cloud. Plus: why PCI's new contactless payment standard lacks PINs, and how to go beyond the hype to accurately define "zero trust."
Visa's move to no longer offer one-time passwords for smaller card-not-present transactions - up to INR 2000 - in India is drawing a mixed reaction. While proponents say the move will lead to wider use of digital payments, critics argue it will weaken security.
Identity attacks such as phishing, credential stuffing, and brute-force-attacks are increasingly common and sophisticated methods for committing account takeovers. These attacks result in increased security risks, brand damage, and outright fraud.
Download this whitepaper to learn how to keep attackers at bay...
IT teams want to provision their workforces to cloud and on-prem apps with ease while avoiding unnecessary manual work. Employees want to move past the frustration of individual daily sign-ons. What's needed is a single solution that simultaneously automates provisioning for IT teams while simplifying sign-ins for...
What is a "reasonable" response to a cyber incident? Following a recent roundtable dinner discussion of the topic, Jonathan Nguyen-Duy of Fortinet discusses getting cyber right.
Nation-state attackers have been targeting known flaws that customers have yet to patch in their Pulse Secure, Palo Alto and Fortinet VPN servers, Britain's National Cyber Security Center warns, adding that any organization that didn't immediately apply patches should review logs for signs of hacking.
The sheer number and destructive nature of recent data breaches is both alarming and discouraging - but there's still cause to be hopeful. Nearly three-quarters of these attacks were due to the same vulnerability: weak or stolen credentials.
Download this white paper to learn:
What are strong authentication...
The unrelenting tide of data breach and compliance challenges continues to plague an increasingly mobile workforce and business models. This has caused a dynamic transformation in the way employees, partners, contractors, and visitors are authenticated.
Download this white paper to learn more about:
The move...
All enterprises need to grant their employees access to the right digital and physical resources. They also need to digitize their businesses, protect their data, and comply with various local and global regulations.
Nexus helps resolve these identity challenges that most enterprises face, regardless of the...
With widespread use of Active Directory across industries and organizations of all sizes, it is frequently a target for bad actors who can use a cracking dictionary or exposed credentials to gain unauthorized access to an employee's account.
Following racist and anti-Semitic tweets being posted for a short time to Twitter CEO Jack Dorsey's hijacked account - despite his use of two-factor authentication - Twitter blamed the security lapse on an unnamed mobile provider. A group called "Chuckling Squad" appears to be responsible.
The promise of an integrated identity and risk platform that continuously monitors a myriad of suspicious activities across channels and applications, and dynamically orchestrates authentication and authorization actions has been around for over a decade. Many organizations and technology vendors have attempted to...
Iran is increasing its malicious cyber activity against the U.S, which could manifest in attacks that render computers unusable, a top U.S. cybersecurity official says. The warning comes after the U.S. reportedly targeted Iranian computer systems in response to the downing of a surveillance drone.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
