Tales of poorly secured internet-connected cameras come along regularly. But the latest installment seems especially egregious because it involves Verkada, a widely used "surveillance camera as a service" startup, and led to remote hackers being able to spy on customers via their own cameras.
Jeremy Grant, coordinator of the Better Identity Coalition, offers a progress report on the 3-year-old organization's efforts to help prevent breaches with better identity management.
The federal government and states should add more layers of authentication, including biometrics, to thwart fraudsters' efforts to obtain unemployment benefits, says Eva Velasquez, president and CEO at the Identity Theft Resource Center.
Bloomberg has stood firm on its controversial story from two years ago asserting that China implanted a tiny chip on motherboards made by Supermicro. But rather than proving its contention in a follow-up, it may have inflicted more reputational damage upon itself.
Did Russia pass a tough new cryptocurrency law to help authorities recruit or compel criminal hackers to assist the government? That's the thesis of a new report, which notes that the new regulation includes a host of provisions designed to unmask cryptocurrency users' transactions - or else.
The Florida city that experienced a breach of its water treatment system used now-unsupported Windows 7 machines, shared the same password for remote access and had no firewall. The incident is likely to raise questions about the vulnerability of critical infrastructure in small towns on slim IT security budgets.
When he co-founded the firm Beyond Identity in 2020, serial entrepreneur Jim Clark said he felt somewhat responsible for the proliferation of passwords. Now he and partner Tom Jermoluk are doing something about it. They are providing access to their passwordless technology for free. Clark explains why.
The U.S. Cybersecurity and Infrastructure Security Agency warns that hackers are increasingly targeting cloud services by waging phishing schemes and brute-force attacks. CISA recommends a number of defenses, including regularly reviewing Active Directory sign-in logs and enforcing multifactor authentication.
"Multisectoral" authentication can help to ensure that government benefits are provided to the right recipients, says Joni Brennan, president of the Digital ID & Authentication Council of Canada.
An investigation at the U.S. Treasury Department has found that it suffered a "significant" breach as a result of the SolarWinds Orion supply chain attack, a top Democrat on the Senate Finance Committee reports. Meanwhile President-elect Joe Biden said of the attack: "I promise you, there will be a response."
Following the discovery that attackers Trojanized SolarWinds' Orion software, expect the list of organizations that were running the backdoored network-monitoring tool to keep increasing. But with this being a suspected cyberespionage operation, attackers likely focused on only the juiciest targets.
Why identity is your #1 security problem
Watch the Computer Weekly interview
Bryan Glick, editor-in-chief at Computer Weekly, speaks to Okta's Max Faun about identity and security, covering:
Why 81% of cybersecurity breaches are password-related
How Customer Identity and Access Management (CIAM) can help you...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.