In his first remarks about the massive hacking operation that leveraged a tainted SolarWinds Orion software update, President Donald Trump on Saturday downplayed the seriousness of the incident and contradicted Secretary of State Mike Pompeo, who had pointed a finger at Russia.
The NSA has issued a warning about two hacking techniques that could allow threat actors to access cloud resources by bypassing authentication mechanisms. The alert follows a week's worth of revelations over the SolarWinds breach that has affected government agencies and other organizations.
Lawmakers are pressing government agencies for answers following disclosures this week about an advanced persistent threat group's massive hacking campaign involving compromised SolarWinds Orion network management software. Secretary of State Mike Pompeo said Friday Russians "engaged in this activity."
The Identity Governance and Administration (IGA) market is continuing to evolve through more integrated Identity Provisioning and Access Governance solutions that are now increasingly aided by intelligent features. This Leadership Compass will give an overview and insights into the IGA market, providing you a...
See why Forrester analysts rank IBM as a Leader for risk-based authentication in this new report. We believe that IBM's integration of our fraud protection and access management technology, advanced authentication options, and risk-based adaptive access capabilities helped us earn this recognition.
Register now to...
Brand impersonation - it isn't just a marketing or reputational issue. It's an InfoSec problem, says Shashi Prakash, CTO and co-founder of Bolster. He describes the growing problem and why security is best positioned to lead detection and response.
Intel and Cisco are among the thousands of SolarWinds Orion customers that were running a Trojanized version of the security software. FireEye, together with Microsoft and GoDaddy, have devised a "kill switch" to disrupt attackers' ability to access the malware on at least some infected systems.
A mighty effort is underway to figure out which organizations may have been deeply infiltrated by a suspected Russian hacking group following the SolarWinds hack. The hunt is difficult for many reasons, some experts say, and may never result in definitive answers about whether data was stolen.
A Deloitte survey has revealed that more than 90% of C-level executives slate less than 10% of their cybersecurity budgets to digital transformation projects.This large gap between budgets and technologies creates a cyber vulnerability, where the newest and least understood digital systems are potentially unmonitored...
As we near the end of one year of living with COVID-19, the pandemic is creating new U.S. daily records for infections, hospitalizations and deaths. "The whole country is on fire," says pandemic expert Regina Phelps.
Point-of-sale device manufacturers Verifone and Ingenico have released fixes for flaws in some of their devices after researchers found the vulnerabilities could have enabled attackers to steal payment card data, clone cards or install malware.
Vulnerability management is vulnerable. This year's transformation has revealed new gaps in processes and tools, inspiring a new evolution to the discipline of Vulnerability Management, Detection and Response. Mehul Revankar of Qualys discusses VMDR and how to embrace it.