Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations //

Identity & Access Management

News & Commentary
79% of Companies Report Identity-Related Breach in Past Two Years
Dark Reading Staff, Quick Hits
Two-thirds of organizations surveyed say phishing is the most common cause of identity-related breaches, the IDSA reports.
By Dark Reading Staff , 5/14/2020
Comment0 comments  |  Read  |  Post a Comment
Biometrics in the Great Beyond
Curtis Franklin Jr., Senior Editor at Dark Reading
A thumbprint may be a good authentication factor for the living, but are you prepared to access mission-critical data and devices after an employee's death?
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/13/2020
Comment0 comments  |  Read  |  Post a Comment
CyberArk Acquires Idaptive for Identity-as-a-Service Tech
Dark Reading Staff, Quick Hits
The $70 million deal is intended to help CyberArk strengthen its portfolio with secure and SaaS-based identity management.
By Dark Reading Staff , 5/13/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Identity VP Shares How and Why to Ditch Passwords
Kelly Sheridan, Staff Editor, Dark ReadingNews
Passwords are on their way out, says Joy Chik, who offers guidance for businesses hoping to shift away from them.
By Kelly Sheridan Staff Editor, Dark Reading, 5/7/2020
Comment1 Comment  |  Read  |  Post a Comment
Zoom Acquires Keybase, Plans for End-to-End Encrypted Chats
Dark Reading Staff, Quick Hits
The company's first acquisition to date is part of a 90-day plan to improve security in its video communications platform.
By Dark Reading Staff , 5/7/2020
Comment0 comments  |  Read  |  Post a Comment
Breach Hits GoDaddy SSH Customers
Dark Reading Staff, Quick Hits
The October 2019 breach left some customer data open to hacking eyes.
By Dark Reading Staff , 5/5/2020
Comment0 comments  |  Read  |  Post a Comment
Apple Makes It Easier to Unlock iPhone While Wearing a Mask
Dark Reading Staff, Quick Hits
The beta release of iOS 13.5 brings an updated FaceID so that users wearing masks can bypass facial recognition and unlock their phone with a code.
By Dark Reading Staff , 5/1/2020
Comment0 comments  |  Read  |  Post a Comment
Industrial Networks' Newest Threat: Remote Users
Dave Weinstein, Chief Security Officer, ClarotyCommentary
We know remote working isn't going away anytime soon, so it's crucial we be extra vigilant about security for industrial networks and critical infrastructure.
By Dave Weinstein Chief Security Officer, Claroty, 5/1/2020
Comment0 comments  |  Read  |  Post a Comment
7 Secure Remote Access Services for Today's Enterprise Needs
Curtis Franklin Jr., Senior Editor at Dark Reading
Secure remote access is a "must" for enterprise computing today, and there are options for you to explore in the dynamic current environment.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/29/2020
Comment2 comments  |  Read  |  Post a Comment
Increased Credential Threats in the Age of Uncertainty
Tony Howlett, CISO at SecureLinkCommentary
Three things your company should do to protect credentials during the coronavirus pandemic.
By Tony Howlett CISO at SecureLink, 4/28/2020
Comment0 comments  |  Read  |  Post a Comment
The Evolving Threat of Credential Stuffing
Kunal Anand, Chief Technology Officer at ImpervaCommentary
Bots' swerve to focus on APIs means businesses must take the threat seriously and take effective action.
By Kunal Anand Chief Technology Officer at Imperva, 4/23/2020
Comment0 comments  |  Read  |  Post a Comment
Terahash Buys L0phtCrack in Password Merger
Dark Reading Staff, Quick Hits
The acquisition brings password cracking and password auditing capabilities together in a single company.
By Dark Reading Staff , 4/21/2020
Comment0 comments  |  Read  |  Post a Comment
Remote Access Makes a Comeback: 4 Security Challenges in the Wake of COVID-19
Rob Smith, Research Director, Gartner Endpoint & Operations Security GroupCommentary
As companies continue to support increasing numbers of work-from-home employees, the pressure to secure access and reduce risk has never been greater.
By Rob Smith Research Director, Gartner Endpoint & Operations Security Group, 4/20/2020
Comment1 Comment  |  Read  |  Post a Comment
Post Pandemic, Technologists Pose Secure Certification for Immunity
Robert Lemos, Contributing WriterNews
Going digital with immunity passports could speed rollout and allow for better warnings of potential hot spots. But security and privacy issues remain.
By Robert Lemos Contributing Writer, 4/16/2020
Comment0 comments  |  Read  |  Post a Comment
BEC, Domain Jacking Help Criminals Disrupt Cash Transfers
Shane Shook, Venture Consultant at Forgepoint CapitalCommentary
The two hacking methods occur independently but are being used in concert to steal funds that are part of online payments and transactions.
By Shane Shook Venture Consultant at Forgepoint Capital, 4/8/2020
Comment0 comments  |  Read  |  Post a Comment
Securing Your Remote Workforce: A Coronavirus Guide for Businesses
Lance Spitzner, Director, SANS Institute Securing The Human Security Awareness ProgramCommentary
Often the hardest part in creating an effective awareness program is deciding what NOT to teach.
By Lance Spitzner Director, SANS Institute Securing The Human Security Awareness Program, 3/30/2020
Comment0 comments  |  Read  |  Post a Comment
The Wild, Wild West(world) of Cybersecurity
Bil Harmer​, CISO & Chief Evangelist at SecureAuthCommentary
Though set in the future, HBO's "Westworld" works as an allegory for the present moment in cybersecurity.
By Bil Harmer​ CISO & Chief Evangelist at SecureAuth, 3/27/2020
Comment0 comments  |  Read  |  Post a Comment
Introducing Zero-Trust Access
Rik Turner, Principal Analyst, Infrastructure Solutions, OmdiaCommentary
It's too early to tell whether ZTA will be a VPN killer or not, but major players are ramping up products in this new class of security technology that focuses on the cloud.
By Rik Turner Principal Analyst, Infrastructure Solutions, Omdia, 3/26/2020
Comment7 comments  |  Read  |  Post a Comment
How Microsoft Disabled Legacy Authentication Across the Company
Kelly Sheridan, Staff Editor, Dark ReadingNews
The process was not smooth or straightforward, employees say in a discussion of challenges and lessons learned during the multi-year project.
By Kelly Sheridan Staff Editor, Dark Reading, 3/9/2020
Comment0 comments  |  Read  |  Post a Comment
Avoiding the Perils of Electronic Communications
Lena Smart, Chief Information Security Officer, MongoDBCommentary
Twitter, Slack, etc., have become undeniably important for business today, but they can cause a lot of damage. That's why an agile communications strategy is so important.
By Lena Smart Chief Information Security Officer, MongoDB, 3/3/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/22/2020
How an Industry Consortium Can Reinvent Security Solution Testing
Henry Harrison, Co-founder & Chief Technology Officer, Garrison,  5/21/2020
10 iOS Security Tips to Lock Down Your iPhone
Kelly Sheridan, Staff Editor, Dark Reading,  5/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5537
PUBLISHED: 2020-05-25
Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors.
CVE-2020-13438
PUBLISHED: 2020-05-24
ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c.
CVE-2020-13439
PUBLISHED: 2020-05-24
ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c.
CVE-2020-13440
PUBLISHED: 2020-05-24
ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.
CVE-2020-13433
PUBLISHED: 2020-05-24
Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php hidden parameter.