Insurer State Farm has been hit by a credential-stuffing attack designed to gain access to U.S. customers' online accounts, a company spokesperson confirms.
Security firm UpGuard found that a misconfigured Amazon S3 bucket belonging to the Democratic Senatorial Campaign Committee left the email addresses of more than 6 million U.S. citizens exposed to the internet. The bucket has since been secured.
Monzo, a U.K. mobile-only bank that plans to expand into the U.S., alerted about 480,000 customers to change their PINs this week after the company's security team found that a software bug meant some numbers were stored unencrypted in plaintext.
For financial institutions, every new customer heralds an opportunity - but if the organization doesn't know enough about that customer there may be risks as well. Using know your client (KYC) and customer due diligence (CDD) checks as an initial first line of defense in reducing the risk of money laundering and...
We see a counterintuitive future whereby better security no longer means a more complicated or cumbersome user experience. We see a future in which users happily take control of their privacy, out-of-band mobile MFA is the norm, and nobody suffers the fallout from the last major credential breach. This future is free...
Gates Corporation CISO Sam Masiello on how they brought their vision of a global authentication authority to life with advisory, configuration, deployment, and employee training.
Mergers and acquisitions, along with cloud adoption, are rapidly changing the pharmaceutical industry. Sandy Dalal of Allergan talks about how Okta identity and access management brings security stability and supports a zero trust framework.
The promise of an integrated identity and risk platform that continuously monitors a myriad of suspicious activities across channels and applications, and dynamically orchestrates authentication and authorization actions has been around for over a decade. Many organizations and technology vendors have attempted to...
A massive botnet attack earlier this year utilized more than 400,000 connected devices over the course of 13 days, according to researchers at the security firm Imperva.
Many organizations use Active Directory as their domain network management tool of choice. But security experts warn that without locking down and regularly auditing AD, the ease of use that it provides to network administrators can also be tapped by hackers. Start here for essential defenses.
Warning: Attackers are abusing poorly secured and managed implementations of Microsoft Windows Active Directory to hack organizations and distribute ransomware. Fewer old operating systems and greater Active Directory security knowledge are helping mitigate the threat. But experts say more must be done.
Ensuring your employees have the right level of access to their work, and nothing more has never been easy. It's even more challenging now for IT to ensure that a user is who they say they are with users bringing more apps, devices, and networks into the workplace. Combining access and authentication solutions to one...
A major misconception about cloud IAM is that it's easy to implement, says Mark Perry, CTO for APAC at Ping Identity. Implementation poses challenges, and cloud IAM must be carefully integrated with other systems, he says.
Misconfigured file storage technologies and a lack of basic security controls are the root causes for the inadvertent online exposure of 2.3 billion files worldwide that contain personal information, including sensitive medical data, says Harrison Van Riper, a security researcher at Digital Shadows.
With continued data breaches occurring, and heavy fines making headlines, the time is now to think more proactively about applying granular access controls to protect your unstructured data from accidental and malicious data loss.
In this webinar, we will look at typical use cases and demands - in particular data...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
