It has been an open question as to how a half-dozen hacking groups began exploiting Exchange servers in an automated fashion in the days leading up to Microsoft's patches. But there are strong signs that the exploit code leaked, and the question now is: Who leaked it?
Tales of poorly secured internet-connected cameras come along regularly. But the latest installment seems especially egregious because it involves Verkada, a widely used "surveillance camera as a service" startup, and led to remote hackers being able to spy on customers via their own cameras.
Speech recognition has become a powerful tool for authenticating customers in a seamless manner, says Sekar Jaganathan, director of digital strategy at Malaysia’s Kenanga Investment Bank.
Asian organizations are beginning to look at extending digital identity beyond the traditional internal enterprise IAM stack to customer identity and access management, or CIAM, says Alex Laurie, senior vice president at ForgeRock.
Bloomberg has stood firm on its controversial story from two years ago asserting that China implanted a tiny chip on motherboards made by Supermicro. But rather than proving its contention in a follow-up, it may have inflicted more reputational damage upon itself.
Did Russia pass a tough new cryptocurrency law to help authorities recruit or compel criminal hackers to assist the government? That's the thesis of a new report, which notes that the new regulation includes a host of provisions designed to unmask cryptocurrency users' transactions - or else.
The Florida city that experienced a breach of its water treatment system used now-unsupported Windows 7 machines, shared the same password for remote access and had no firewall. The incident is likely to raise questions about the vulnerability of critical infrastructure in small towns on slim IT security budgets.
Organizations in the APAC region are not immune to the impact of the SolarWinds supply chain hack, so it's essential that they reassess their risk management practices and audit their suppliers, two security experts stress.
When he co-founded the firm Beyond Identity in 2020, serial entrepreneur Jim Clark said he felt somewhat responsible for the proliferation of passwords. Now he and partner Tom Jermoluk are doing something about it. They are providing access to their passwordless technology for free. Clark explains why.
In defining an IAM strategy for the cloud, CISOs need to automate the processes of provisioning, de-provisioning, monitoring and auditing as well as implementing federated access and API integration, says Rushdhi Mohammad, information security officer at the Industrial Bank of Kuwait.
Organizations with largely remote workforces must strengthen their dynamic authentication processes to enhance security, says Sridhar Sidhu, senior vice president and head of the information security services group at Wells Fargo.
"Multisectoral" authentication can help to ensure that government benefits are provided to the right recipients, says Joni Brennan, president of the Digital ID & Authentication Council of Canada.
Global messaging app WhatsApp's instant payment service went live in India on Dec.16. But despite its two-factor authentication being accepted by leading banks, there are concerns about potential security issues.
An investigation at the U.S. Treasury Department has found that it suffered a "significant" breach as a result of the SolarWinds Orion supply chain attack, a top Democrat on the Senate Finance Committee reports. Meanwhile President-elect Joe Biden said of the attack: "I promise you, there will be a response."
Following the discovery that attackers Trojanized SolarWinds' Orion software, expect the list of organizations that were running the backdoored network-monitoring tool to keep increasing. But with this being a suspected cyberespionage operation, attackers likely focused on only the juiciest targets.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.