As spotlighted by the recent American Medical Collection Agency breach impacting at least four clients and more than 20 million of those companies' patients so far, vendor risk management is an increasingly critical component of information security, says Eddie Chang of Travelers Insurance.
Flat-out, traditional IAM practices are insufficient to secure a modern enterprise that relies on such diverse endpoints and connected devices. But API management can play a strong complementary role.
What's important is that the API management at the ingress of your organization has to consider a lot more than...
Apple will introduce a feature in its new iOS 13 operating system later this year that allows the use of Apple credentials to log into other services. The feature is designed to reduce the amount of personal information that app developers obtain, a clear shot across the bow of Facebook and Google.
First American Mortgage Corp. left what appears to be 16 years of mortgage and financial data on its website open without authentication. The data has been taken offline, but it's unclear if it may have been accessed by hackers.
Before public cloud services, large-scale computing infrastructure was expensive, hosted on-premises and reserved for big enterprises, governments, and universities. Now, anyone with a credit card can access an unlimited supply of cloud apps and computing power.
While cloud computing offers many benefits, its...
Attackers exploiting a buffer overflow in WhatsApp's signaling software to automatically infect devices with malware - without users even having to answer their phone - and then alter call logs to hide attack traces is "a bit of a nightmare scenario," says cybersecurity expert Alan Woodward.
Cybercrime has targeted bank and payments solutions for a long time, but in the past few years has expanded its target industries to airlines, insurance, travel, retail and others. CISOs and fraud leaders that have been focused on insider threats are finding they need to consider the fraud darknet eco-system and...
Analysts state 80% of cyber security incidents are caused by credential misuse, with 54% of organisations using inflexible methods such as MS Excel to manage privileged access. Ineffective credential management can also result in the propagation of malware.
However, there is a fast and effective way of "mining"...
The 7th annual Microsoft Vulnerabilities Report for 2020 analyzes the data from security bullitens issued by Microsoft throughout 2019. Every Tuesday, Microsoft releases fixes for all vulnerabilities affecting Microsoft products, and this report compiles these releases into a year-long overview, creating a holistic...
Every day needs to be password security day - attackers certainly aren't dormant the other 364 days of the year. But as World Password Day rolls around again, there's cause for celebration as Microsoft finally stops recommending periodic password changes.
The Department of Health and Human Services' information security program has received a "not effective" rating based on an audit. What can healthcare entities learn from the finding?
Russian national Anton P. Bogdanov has been charged with stealing more than $1.5 million from the Internal Revenue Service via a tax return fraud scheme. He was arrested last November while on vacation in Thailand, at U.S. request, and subsequently extradited.
Attack Surface Manager (ASM) gives security teams unprecedented power to easily implement a cyber hygiene program to harden their networks against malicious lateral movement of cyberattackers. This paper provides an overview of common ways that Illusive's customers are using Attack Surface Manager, including...
Unix and Linux build the foundation for most business-critical systems. Thus, they present target-rich environments for cyber-attackers. Privileged Access Management (PAM) helps to mitigate such risks. To succeed, security teams must follow an integrated approach, covering both privilege elevation and centralized...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.