Microsoft said Iranian state hackers are using a newly developed backdoor to target organizations in the American defense industrial base. The Iranian state threat actor that Microsoft tracks as Peach Sandstorm employed a custom backdoor named FalseFont.
Okta finalized an agreement to acquire Spera Security, saying the purchase will expand its ability to track risky accounts and access misconfigurations. Spera, a Tel Aviv startup, touts itself as a tool for giving security teams "real-time visibility into their entire identity surface."
Tech and security analysts predict enterprises will shift to passwordless authentication for users to enable modern digital transformation. This is mainly prompted by the problems that have plagued passwords: they’re costly and burdensome to manage; they cause poor user experiences; and they are easily...
Okta has paused product development and internal projects for 90 days to beef up its security architecture and operations for applications, hardware and third-party vendors. Okta will move to strengthen its cyber posture, including a security action plan and engaging with third-party cyber firms.
Identity and authentication giant Okta said the attacker behind its September data breach stole usernames and contact details for all users of its primary customer support system and warned customers to beware potential follow-on phishing and social engineering attacks.
Genetics testing firm 23andme is facing intensifying scrutiny in the wake of a credential-stuffing hack that leaked genetic ancestry information of potentially millions of customers. That includes at least 16 proposed federal class action lawsuits and an inquiry by a high-ranking U.S. senator.
Widely used password management software provider 1Password said a hacker breached had one of its systems but failed to steal any sensitive data, after stealing a valid session cookie from the customer support system of its access and identity management provider, Okta.
The Clop ransomware operation's recent mass zero-day exploit of Progress Software's MOVEit secure managed file transfer software followed the criminals launching similar attacks against users of Accellion FTA, SolarWinds Serv-U and Fortra GoAnywhere.
This week: Google began phasing out passwords, Microsoft to bid VBScript goodbye, payment card information exposed in Air Europa hack, Magecart attack uses sneaky 404 page tactic, U.S. voter registration data stolen from the District of Columbia, and Volex reports a hack attack.
Protecting your data from breaches is only one aspect of enterprise security, but it's important to go further to ensure that your secrets will remain safe – even in the unlikely event of a breach. Your information shouldn't just be protected by an account password, but also by a unique Secret Key: a 128-bit,...
The best way to level-up your existing IAM infrastructure is to add a single sign-on (SSO) to protect logins for approved apps. This guide will show you the benefits of a combined approach, in which company-approved and non-approved logins are attached to a single, strongly vetted identity to simplify administration,...
End-to-end encryption is critical for protecting sensitive data, such as passwords, documents, and payment information. If your data isn't being stored securely at all points, you're at risk. End-to-end encryption creates an improved security environment by providing greater visibility into potential breaches and...
Password security is a critical start for protecting devices and networks from malicious threats. However, implementing successful password security can be easier said than done. Do you have employees who are worried they won't remember something more complex than "password123"? Are you looking for 7 actionable steps...
Year after year, the rise in large-scale data breaches is faster and steeper. Not only is your business at risk, but so are your customers – as we keep learning, the hard way.
As we adjusted to the pandemic, cybersecurity trended – quite unfortunately – in the wrong direction. While our work lives merged with...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.