A baby photo and video-sharing app called Peekaboo Moments is exposing sensitive logs through an exposed Elasticsearch database, a researcher has found. The data includes baby photos and videos, birthdates, location data and device information.
Zero Trust has become a cybersecurity marketing buzzword. But Kelsey Nelson of Okta sheds light on the realities of the Zero Trust approach, with a specific focus on the identity and access management component of the strategy.
Adopting the policies in NIST 800-171 brings multiple security-related benefits, including best practices for data access policies, reduced risk of data breaches and insider threats, and a scalable approach to protecting sensitive data.
"Zero Trust" security is rapidly transitioning from a marketing buzzword to a practical methodology for protecting today's global networks. Stan Lowe, global CISO of Zscaler, shares his 2020 vision for zero trust.
Identity and Access Management is at the epicenter of many corporate security vulnerabilities. Markku Rossi of SSH Communications Security discusses how a "Just-in-Time" approach to credential management eliminates standing privileges.
The National Institute of Standards and Technology has released three biometric datasets to help organizations research new types of secure digital identification systems and authentication processes. NIST also released a study on facial recognition technology that raises some concerns.
One of the largest fines to date for violating the EU's General Data Protection Regulation has been announced by Germany's federal privacy and data protection watchdog, the BfDI, against 1 & 1 Telecommunications, in part for inadequate authentication mechanisms. The company plans to appeal.
As a security leaders, too often you are brought to the table after a digital transformation project has been initiated, so you are forced to take a reactive position. But Adam Bosnian of CyberArk sees an important, proactive role for security. And a good start is by ensuring privileged access management is a key...
The latest edition of the ISMG Security Report discusses new combination ransomware and doxing attacks. Plus, Twitter drops phone numbers in 2FA, and why we need to consider quantum cryptography today.
Some 4 terabytes of data on over 1.2 billion individuals - including LinkedIn and Facebook profiles - was exposed to the internet on an unsecured Elasticsearch server, according to an analysis by a pair of independent researchers.