Privileged access management is cited as a major concern for enterprises moving workloads to Amazon Web Services (AWS) cloud environments. Managing identities with elevated permissions and cloud entitlements allows organizations to control risk by reducing their attack surface and mitigating the impact of privilege...
Microsoft has indicated it will make changes to reduce the risk around what a security vendor says is a vulnerability that lets attackers run brute-force credential attacks against Azure Active Directory. The issue was reported to Microsoft in June by SecureWorks' Counter Threat Unit.
After a turbulent 2020 dominated by dramatic change, cybersecurity experts everywhere are looking ahead at newly emerging and rapidly evolving threats and the ways in which IAM and IGA are adapting to stop them. But how much of what you’re hearing is hyperbole, and how much should you take to heart?
Join SecurID...
Dwell time, double extortion, supply chain attacks - ransomware has changed considerably over the course of the year, and CyberArk's Andy Thompson says there is much we can learn from the attacks - both the unsuccessful and successful ones - and how they take root.
Microsoft has officially gone fully passwordless, allowing Windows users to replace their alphanumeric passwords with one of several substitute sign-in technologies to gain entry into a Microsoft product - a move received positively by industry insiders.
Travis CI, a Berlin-based continuous integration testing vendor, has patched a serious flaw that exposed signing keys, API keys and access credentials, potentially putting thousands of organizations at risk. Those using Travis CI should change their secrets immediately.
The White House is preparing executive branch agencies to adopt "zero trust" network architectures by 2024, with CISA and the OMB overseeing the creation of technology road maps that departments must follow. This is a major component of President Biden's cybersecurity executive order.
Implementing a comprehensive identity security program might be described as a Holy Grail. But what does it mean to reduce the complexity for organizations and their employees? CyberArk's David Higgins outlines how to modernize an organization’s identity and access management, or IAM.
As organizations find themselves amid cloud migration, what should they be discussing in regard to what they want to move to the cloud and how to protect identities? CyberArk's Khizar Sultan offers his vision of a migration road map and milestones.
At least 10 U.S. government agencies are planning to increase the use of facial recognition technologies by 2023, according to a GAO report. The growing utilization comes as facial recognition technology raises privacy concerns.
As the lines blur between identity and privilege, there is a growing set of solutions to secure the anytime, anywhere workforce. Archit Lohokare, CyberArk’s vice president of product management, discusses passwordless authentication, zero trust and other ways enterprises are modernizing identity and access.
At least 38 million records have been leaked by hundreds of online portals that were unwittingly misconfigured by organizations using Power Apps, a Microsoft service to quickly spin up web apps. Microsoft has now changed default settings for Power Apps to prevent inadvertent data exposures.
With more than 61% of breaches attributed to stolen passwords, a password manager can go a long way in helping enterprises enhance security, say Chandan Pani, CISO at Mindtree, and Lloyd Evans, identity lead, JAPAC, at LogMeIn.
The rise of ransomware as a criminal moneymaking powerhouse parallels the services offered by initial access brokers, who continue to offer affordable access to victims' networks - often via brute-forced remote desktop protocol or VPN credentials - to help attackers hit more targets in search of larger profits.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.