A baby photo and video-sharing app called Peekaboo Moments is exposing sensitive logs through an exposed Elasticsearch database, a researcher has found. The data includes baby photos and videos, birthdates, location data and device information.
Zero Trust has become a cybersecurity marketing buzzword. But Kelsey Nelson of Okta sheds light on the realities of the Zero Trust approach, with a specific focus on the identity and access management component of the strategy.
Adopting the policies in NIST 800-171 brings multiple security-related benefits, including best practices for data access policies, reduced risk of data breaches and insider threats, and a scalable approach to protecting sensitive data.
Credential stuffing is a growing problem that's difficult to address, says Troy Hunt, creator of the Have I Been Pwned data breach notification service, who sizes up mitigation efforts.
"Zero Trust" security is rapidly transitioning from a marketing buzzword to a practical methodology for protecting today's global networks. Stan Lowe, global CISO of Zscaler, shares his 2020 vision for zero trust.
Identity and Access Management is at the epicenter of many corporate security vulnerabilities. Markku Rossi of SSH Communications Security discusses how a "Just-in-Time" approach to credential management eliminates standing privileges.
The National Institute of Standards and Technology has released three biometric datasets to help organizations research new types of secure digital identification systems and authentication processes. NIST also released a study on facial recognition technology that raises some concerns.
Government agencies have been charged with modernizing their IT systems - a move that's been accelerated by the widespread adoption of cloud and mobile technologies.
Learn the key steps to take today that will help secure access to applications in the cloud and mobile environments.
Read this eBook to learn how...
State and local governments face a rising tide of ransomware attacks resulting in costly service and productivity disruptions. Often, these attacks involve compromised user credentials. Public agents must rethink their approach to controlling who or what can access IT resources and under which circumstances.
This...
As a security leaders, too often you are brought to the table after a digital transformation project has been initiated, so you are forced to take a reactive position. But Adam Bosnian of CyberArk sees an important, proactive role for security. And a good start is by ensuring privileged access management is a key...
One of the largest fines to date for violating the EU's General Data Protection Regulation has been announced by Germany's federal privacy and data protection watchdog, the BfDI, against 1 & 1 Telecommunications, in part for inadequate authentication mechanisms. The company plans to appeal.
As a security leaders, too often you are brought to the table after a digital transformation project has been initiated, so you are forced to take a reactive position. But Adam Bosnian of CyberArk sees an important, proactive role for security. And a good start is by ensuring privileged access management is a key...
The latest edition of the ISMG Security Report discusses new combination ransomware and doxing attacks. Plus, Twitter drops phone numbers in 2FA, and why we need to consider quantum cryptography today.
The insurance industry has a significant fraud problem. Whether targeting the insurance carrier, broker or policyholder, scams are a large financial burden for all stakeholders.
Insurance firms must take deliberate steps to implement a comprehensive customer authentication and fraud prevention strategy.
In this...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
