Provisioning and deprovisioning employee credentials is a critical component of mitigating insider threats, says Andrew Clarke of One Identity, who discusses the importance of identity and access management.
When it comes to drivers for implementing and maintaining privileged access management programs, Wallix's Grant Burst says that demonstrating compliance and safety remain top priorities. Another driver, he says, is the sheer interconnectedness of devices - driven by the rise of IoT.
Hacking and extortion attempts against organizations have unfortunately become all too commonplace these days. On Tuesday, an unlikely victim went public: the British band Radiohead. But was the band really a hacking and extortion victim?
What stands out most about a proposed $74 million settlement of a class action lawsuit against Premera Blue Cross in the wake of a 2014 data breach? Technology attorney Steven Teppler offers insights in this interview.
A new botnet called GoldBrute is actively scanning the internet and using brute-force methods to attack 1.5 million Windows machines that have exposed Remote Desktop Protocol connections, according to research from Morphus Labs. The goal of group controlling the botnet is not clear.
The latest edition of the ISMG Security Report describes Apple's newly announced single sign-on function that's built with privacy in mind. Plus, a discussion of the "other" insider threat and an Infosecurity Europe conference recap.
As spotlighted by the recent American Medical Collection Agency breach impacting at least four clients and more than 20 million of those companies' patients so far, vendor risk management is an increasingly critical component of information security, says Eddie Chang of Travelers Insurance.
Apple will introduce a feature in its new iOS 13 operating system later this year that allows the use of Apple credentials to log into other services. The feature is designed to reduce the amount of personal information that app developers obtain, a clear shot across the bow of Facebook and Google.
First American Mortgage Corp. left what appears to be 16 years of mortgage and financial data on its website open without authentication. The data has been taken offline, but it's unclear if it may have been accessed by hackers.
Attackers exploiting a buffer overflow in WhatsApp's signaling software to automatically infect devices with malware - without users even having to answer their phone - and then alter call logs to hide attack traces is "a bit of a nightmare scenario," says cybersecurity expert Alan Woodward.
Every day needs to be password security day - attackers certainly aren't dormant the other 364 days of the year. But as World Password Day rolls around again, there's cause for celebration as Microsoft finally stops recommending periodic password changes.
Russian national Anton Bogdanov has been charged with stealing more than $1.5 million from the Internal Revenue Service via a tax return fraud scheme. He was arrested last November while on vacation in Thailand, at U.S. request, and subsequently extradited.
The latest edition of the ISMG Security Report features an update on a congressional report that slams Equifax for lacking a strong cybersecurity culture. Also featured: A new study on the status of women in the cybersecurity industry and the use of Android phones as security keys.