This edition of the ISMG Security Report features an analysis of the impact of a hacking campaign linked to Russia’s Sandworm that targeted companies using Centreon IT monitoring software. Also featured: a discussion of CIAM trends; a critique of Bloomberg's update on alleged Supermicro supply chain hack.
In 2020, a cybercrime operation known as ShinyHunters breached nearly 50 organizations, security researchers say. And this year, it shows no signs of slowing down - it's already hacked e-commerce site Bonobo and dating site MeetMindful.
The Florida city that experienced a breach of its water treatment system used now-unsupported Windows 7 machines, shared the same password for remote access and had no firewall. The incident is likely to raise questions about the vulnerability of critical infrastructure in small towns on slim IT security budgets.
Banking institutions, cryptocurrency exchanges and other companies have begun implementing video-based identity verification. But deepfake technology can be used to circumvent these security checks, says Ilya Volovik, a researcher at Gemini Advisory.
A hacker breached a Florida city's water treatment network, increasing the amount of lye that would be added to the water to a dangerous level. Officials say they caught the change immediately and reversed it. Reuters reports that the system was accessed via the city's TeamViewer remote access software.
Microsoft's security team says the company's Office 365 suite of products did not serve as an initial entry point for the hackers who waged the SolarWinds supply chain attack. And SolarWinds' CEO says that no Office 365 vulnerability has been identified that would have opened the door to the attack.
Biometrics, device-based risk scoring solutions and geo location can be helpful tools for tackling ID fraud, says Trace Fooshee, senior analyst at Aite Group, who calls for a layered approach.
The latest edition of the ISMG Security Report features an analysis of this week’s police takedowns of Emotet and Netwalker cybercrime operations. Also featured: Updates on passwordless authentication and the use of deception technology.
Multi-cloud and hybrid cloud solutions are great enablers for organizations, but managing IAM across multiple entities that are ever expanding in capability and use? Big challenges. But here's an opportunity to re-do enterprise IAM. Join Tom Malta of Navy Federal Credit Union for insight on business requirements,...
"Multisectoral" authentication can help to ensure that government benefits are provided to the right recipients, says Joni Brennan, president of the Digital ID & Authentication Council of Canada.
In 2020, the "zero trust" conversation evolved from "What is it?" to "How do we achieve a zero trust architecture?" Chase Cunningham, principal analyst serving security and risk professionals at Forrester, offers an outlook for what we can expect in 2021.
What's needed to make a shift from traditional IAM to CIAM? To start, an organization needs to look at fraud detection solutions and risk-based authentication technologies such as device intelligence and behavioral biometrics, says David Britton of Experian.
Data collected through customer identity and access management can play an important role in fraud investigations, says Simon Marchand, chief fraud prevention officer at Nuance Communications.
The security challenges presented by the COVID-19 pandemic, including managing a remote workforce, point to the need to prioritize identity management, say Rebecca Archambault of Blue Cross Blue Shield and Jeremy Grant of the law firm Venable.
An investigation at the U.S. Treasury Department has found that it suffered a "significant" breach as a result of the SolarWinds Orion supply chain attack, a top Democrat on the Senate Finance Committee reports. Meanwhile President-elect Joe Biden said of the attack: "I promise you, there will be a response."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.