What's needed to make a shift from traditional IAM to CIAM? To start, an organization needs to look at fraud detection solutions and risk-based authentication technologies such as device intelligence and behavioral biometrics, says David Britton of Experian.
In less than a month, President-elect Joe Biden will be sworn into office and immediately confront a list of cybersecurity problems ranging from a now-leaderless CISA to the SolarWinds breach. Here's how security experts - and former government leaders - see the administration's cyber policies taking shape.
Global messaging app WhatsApp's instant payment service went live in India on Dec.16. But despite its two-factor authentication being accepted by leading banks, there are concerns about potential security issues.
Software vendor SolarWinds has updated multiple versions of its Orion network-monitoring software to address the Sunburst backdoor that was added to its code and to block Supernova malware that exploited a vulnerability in Orion. But incident response experts have warned that full cleanup may take years.
A recently uncovered payment card skimmer is targeting several large content management systems that support the online checkout pages of dozens of e-commerce sites, according to researchers with Sansec. The malware works by using a keylogger to harvest payment and personal data.
Kawasaki Heavy Industries is reporting that an unknown threat actor gained access to its internal network through servers located in an overseas office, according to a company statement. The result: Some corporate data may have leaked to a third party.
The SolarWinds breach is a case study in how attackers can subvert a widely used piece of software to turn it to their advantage, says Lou Manousos, CEO of RiskIQ. The attack surface management expert details lessons all organizations must learn in the wake of this "unprecedented" attack.
Citrix is warning its customers that attackers are taking advantage of the company's ADC products to conduct and amplify DDoS attacks, according to a notification published by the firm. A permanent fix to address this security issue won't be available until January.
Britain's National Crime Agency says 21 individuals have been arrested on suspicion of purchasing personally identifiable information from the WLeakInfo website. Authorities say the site provided access to more than 12 billion personal records culled from 10,000 data breaches.
More than two years after Europe's tough new General Data Protection Regulation came into full effect, EU privacy watchdogs are finding more consensus, and consumers have been benefiting, experts say. But how regulators apply sanctions, in particular, remains a work in progress.
Microsoft warned CrowdStrike of a failed attempt by unidentified attackers to access and read the company's emails, according to a blog post published by the security firm. The unsuccessful hacking incident is reportedly tied to the breach of SolarWinds.
To enhance organizations' security postures in the year ahead, CISOs must strengthen authentication processes, increase the use of network segmentation tools and deploy effective threat intelligence capabilities, two CISOs recommend.
Federal, state and local governments are among the many victims of the supply chain attack that backdoored the SolarWinds' Orion network-monitoring software, and victims "may need to rebuild all network assets" being monitored by the software, the U.S. Cybersecurity and Infrastructure Security Agency warns.
He's commanded armed forces, directed the National Security Agency, and now he is president of vendor IronNet Cybersecurity. From this unique perspective, retired General Keith Alexander says the SolarWinds breach is "a call for action."
The Lazarus Group, a North Korean advanced persistent threat gang, apparently recently targeted a national ministry of health and a drug manufacturer involved in developing a COVID-19 vaccine in an attempt to steal information, according to the security firm Kaspersky.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.