Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Microsoft Adds GPS Location to Identity & Access Control in Azure AD
New capabilities let admins restrict access to resources from privileged access workstations or regions based on GPS location.
Can Organizations Secure Remote Workers for the Long Haul?
By focusing on protection instead of detection, organizations can defend against targeted attacks without compromising security or productivity.
Your Digital Identity's Evil Shadow
In the wrong hands, these shady shadows are stealthy means to bypass security systems by hiding behind a proxy with legitimate IP addresses and user agents.
The Challenge of Securing Non-People Identities
Non-people identities, which can act intelligently and make decisions on behalf of a person's identity, are a growing cybersecurity risk.
Attacks Targeting ADFS Token Signing Certificates Could Become Next Big Threat
New research shows how threat actors can steal and decrypt signing certificates so SAML tokens can be forged.
Name That Toon: Greetings, Earthlings
Caption time! Come up with something out of this world for Dark Reading's latest contest, and our panel of experts will reward the winner with a $25 Amazon gift card.
How to Attack Yourself Better in 2021
Social engineering pen testing is just one step in preventing employees from falling victim to cybercriminals.
2020 Changed Identity Forever; What's Next?
For all the chaos the pandemic caused, it also sparked awareness of how important an identity-centric approach is to securing today's organizations.
Security Gaps in IoT Access Control Threaten Devices and Users
Researchers spot problems in how IoT vendors delegate device access across multiple clouds and users.
How the Biden Administration Can Make Digital Identity a Reality
A digital identity framework is the answer to the US government's cybersecurity dilemma.
Thycotic & Centrify Merge to Form Cloud Identity Security Firm
The combined entity will expand on both companies' privileged access management tools and expects to debut a new brand this year.
8 Security & Privacy Apps to Share With Family and Friends
Mobile apps to recommend to the people in your life who want to improve their online security and privacy.
7 Ways to Reduce Cyber Threats From Remote Workers
The pandemic's decline won't stop the work-from-home trend nor the implications for cybersecurity, so it's crucial to minimize the threats.
Advice From Security Experts: How to Approach Security in the New Normal
Here are the biggest lessons they've learned after a year of work from home, and how they advise their counterparts at organizations to proceed as a result of those lessons.
How Personally Identifiable Information Can Put Your Company at Risk
By being more mindful of how and where they share PII, employees will deprive cybercriminals of their most useful tool.
Facebook Expands Security Key Support to iOS & Android
Facebook's announcement arrives the same week Twitter enabled support for multiple security keys on user accounts.
IronNet Cybersecurity to Go Public in Merger
Company intends for the deal to drive adoption of its Collective Defense Platform.
Combating Call Center Fraud in the Age of COVID
With many agents now working from home, call centers require new technology, new processes, and a new way of thinking about security.
Why Cloud Security Risks Have Shifted to Identities and Entitlements
Traditional security tools focus on the network perimeter, leaving user and service accounts vulnerable to hackers.
NSA Releases Guidance on Zero-Trust Architecture
A new document provides guidance for businesses planning to implement a zero-trust system management strategy.
Inside Strata's Plans to Solve the Cloud Identity Puzzle
Strata Identity was founded to change businesses' approach to identity management as multicloud environments become the norm.
Strata Identity Raises $11M in Series A Round
The series A round of funding, led by Menlo Ventures, will help Strata scale its distributed identity technology.
You've Got Cloud Security All Wrong: Managing Identity in a Cloud World
In a hybrid and multicloud world, identity is the new perimeter and a critical attack surface for bad actors.
7 Things We Know So Far About the SolarWinds Attacks
Two months after the news first broke, many questions remain about the sophisticated cyber-espionage campaign.
SolarWinds Attack Reinforces Importance of Principle of Least Privilege
Taking stock of least-privilege policies will go a long way toward hardening an organization's overall security posture.
Microsoft Security Business Exceeds $10B in Revenue
Microsoft's security division has grown more than 40% year-over-year, the company reports alongside security product updates.
Over-Sharer or Troublemaker? How to Identify Insider-Risk Personas
It's past time to begin charting insider risk indicators that identify risky behavior and stop it in its tracks.
COVID-19's Acceleration of Cloud Migration & Identity-Centric Security
Here are some tips for updating access control methods that accommodate new remote working norms without sacrificing security.
Microsoft Ups Security of Azure AD, Identity
A roundup of Microsoft's recent security news and updates that focus on protecting identity.
Corporate Credentials for Sale on the Dark Web: How to Protect Employees and Data
It's past time to retire passwords in favor of other methods for authenticating users and securing systems.
Cloud Identity and Access Management: Understanding the Chain of Access
Here's where enterprises encounter challenges with cloud IAM and the best practices they should follow to correct these mistakes.
The Holiday Shopping Season: A Prime Opportunity for Triangulation Fraud
As e-commerce sales increase, so does the risk of hard-to-detect online fraud.
What's in Store for Privacy in 2021
Changes are coming to the privacy landscape, including more regulations and technologies.
3 Tips For Successfully Running Tech Outside the IT Department
When marketing opts for "extra-departmental IT," coordination and communication are required to keep things secured.
How to Avoid Getting Killed by Ransomware
Using a series of processes, infosec pros can then tap automated data hygiene to find and fix files that attackers key in on.
Cloud Usage, Biometrics Surge As Remote Work Grows Permanent
A new report reveals organizations are increasing their adoption of biometric authentication and disallowing SMS as a login method.
Neural Networks Help Users Pick More-Secure Passwords
Typically, blocklists are used to prevent users from picking easily guessable patterns, but a small neural network can do the same job and suggests that complex password requirements are not necessary.
A Pause to Address 'Ethical Debt' of Facial Recognition
Ethical use will require some combination of consistent reporting, regulation, corporate responsibility, and adversarial technology.
Credential-Stuffing Attacks Plague Loyalty Programs
But that's not the only type of web attack cybercriminals have been profiting from.
Dealing With Insider Threats in the Age of COVID
Dangerous gray areas like new BYOD policies and shadow IT devices have increased, thanks to the rapid shift to remote working.
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
Attacks involving an unmanaged device and no malware expose gaps in cybersecurity that must be addressed.
Building the Human Firewall
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?
Microsoft Tops Q3 List of Most-Impersonated Brands
The technology sector was also the most likely targeted industry for brand phishing attacks, according to Check Point's latest report on brand phishing.
Online Voting Is Coming, but How Secure Will It Be?
It's time for state governments to act as leaders, adopt digital ID standards, enable new online voting systems, and provide broad-based access to all communities for the benefit of all.
A 7-Step Cybersecurity Plan for Healthcare Organizations
With National Cybersecurity Awareness Month shining a spotlight on the healthcare industry, security pros share best practices for those charged with protecting these essential organizations.
Why MSPs Are Hacker Targets, and What To Do About It
Managed service providers are increasingly becoming the launching pad of choice for ransomware and other online malfeasance.
Researchers Adapt AI With Aim to Identify Anonymous Authors
At Black Hat Asia, artificial intelligence and cybersecurity researchers use neural networks to attempt to identify authors, but accuracy is still wanting.
Biometric Data Collection Demands Scrutiny of Privacy Law
An IT lawyer digs into the implications of collecting biometric data, why it can't be anonymized, and what nations are doing about it.
Permission Management & the Goldilocks Conundrum
In today's COVID-19 era, managing access has become even more difficult, especially for large organizations. Here's how to get it "just right."
8 Reasons Perimeter Security Alone Won't Protect Your Crown Jewels
Most firewalls and security devices effectively protect systems and data, but are they enough to safeguard business-critical applications?
|
2021 Top Enterprise IT TrendsWe've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Tweet This
0 Comments
