Great security or great UX? Both, please 2024-01-30 at 08:02 By Help Net Security A new user is signing up for a SaaS application. On the one hand, UX teams want that user to get into the app as quickly as possible. On the other hand, security teams want the user to strongly validate their […]
React to this headline:
Great security or great UX? Both, please Read More »
Attackers can steal NTLM password hashes via calendar invites 2024-01-22 at 15:46 By Zeljka Zorz A recently patched vulnerability in Microsoft Outlook (CVE-2023-35636) that can be used by attackers to steal users’ NTLM v2 hashes can be exploited by adding two headers to an email carrying a specially crafted file, security researcher Dolev Taler has
React to this headline:
Attackers can steal NTLM password hashes via calendar invites Read More »
Out with the old and in with the improved: MFA needs a revamp 2024-01-19 at 08:02 By Help Net Security From AI to ZTA (zero-trust architecture), the technology responsible for protecting your company’s data has evolved immensely. Despite the advances, cybercriminals repeatedly find new and creative ways to gain access to sensitive information. This can
React to this headline:
Out with the old and in with the improved: MFA needs a revamp Read More »
Digital nomads amplify identity fraud risks 2024-01-19 at 06:31 By Help Net Security The number of foreign document verification cases in all parts of the world has grown by an average of 21% since the summer of 2021, according to Regula. It’s even higher in the US and UAE: these countries are experiencing a 25%
React to this headline:
Digital nomads amplify identity fraud risks Read More »
Security considerations during layoffs: Advice from an MSSP 2024-01-17 at 08:01 By Help Net Security Navigating layoffs is complex and difficult for many reasons. Not only do human resources and direct managers bear the onus of responsibility when conducting exit conversations, but security teams should also make the necessary preparations for monitoring anomalies in employee
React to this headline:
Security considerations during layoffs: Advice from an MSSP Read More »
3 ways to combat rising OAuth SaaS attacks 2024-01-16 at 07:31 By Help Net Security OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine cryptocurrency, establish persistence following business email compromise and launch spam activity using the
React to this headline:
3 ways to combat rising OAuth SaaS attacks Read More »
Understanding zero-trust design philosophy and principles 2024-01-09 at 07:32 By Mirko Zorz In this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security professionals and companies, emphasizing its broad design philosophy. Vachon explores challenges in implementing zero trust,
React to this headline:
Understanding zero-trust design philosophy and principles Read More »
Breaking down the state of authentication 2024-01-05 at 07:02 By Help Net Security In this Help Net Security video, Bassam Al-Khalidi, co-CEO of Axiad, discusses the results of Axiad’s recent State of Authentication Survey. Key findings from the survey revealed: – 39% indicated phishing is the most feared cyberattack, while 49% said it is the
React to this headline:
Breaking down the state of authentication Read More »
Cybersecurity challenges emerge in the wake of API expansion 2024-01-03 at 08:01 By Mirko Zorz In this Help Net Security interview, Vedran Cindric, CEO at Treblle, discusses the exponential growth of AI-related APIs, citing a 96% increase in 2023. He sheds light on the integral role APIs play in powering AI interactions, revealing the invisible
React to this headline:
Cybersecurity challenges emerge in the wake of API expansion Read More »
Wi-Fi 7’s mission-critical role in enterprise, industrial networking 2024-01-02 at 06:31 By Mirko Zorz As we transition from Wi-Fi 6 to the more advanced Wi-Fi 7, we uncover the significant enhancements in speed, efficiency, and spectrum usage that set it apart from its predecessors. In this Help Net Security interview, Tiago Rodrigues, CEO at Wireless
React to this headline:
Wi-Fi 7’s mission-critical role in enterprise, industrial networking Read More »
Why you need to extend enterprise IT security to the mainframe 2023-12-29 at 07:32 By Help Net Security Organizations with mainframes face a unique challenge: extending consistency across the entire enterprise, including mainframe environments. The ongoing issue lies in the incompatibility of tools designed for both mainframes and enterprise settings, resulting in disparate solutions, training
React to this headline:
Why you need to extend enterprise IT security to the mainframe Read More »
3 main tactics attackers use to bypass MFA 2023-12-26 at 07:09 By Help Net Security Notable security breaches have bypassed MFA to compromise taxi broker Uber, games company EA, and authentication business Okta, according to SE Labs. CISOs must bolster MFA protections SE Labs advised CISOs to step-up their efforts against attacks on systems protected
React to this headline:
3 main tactics attackers use to bypass MFA Read More »
A closer look at LATMA, the open-source lateral movement detection tool 13/12/2023 at 08:01 By Help Net Security In this Help Net Security video, Gal Sadeh, Head of Data and Security Research at Silverfort, discusses LATMA, a free, open-source tool. It’s engineered with advanced algorithms to track and report any unusual activity within an environment.
React to this headline:
A closer look at LATMA, the open-source lateral movement detection tool Read More »
Many popular websites still cling to password creation policies from 1985 12/12/2023 at 09:01 By Helga Labus A significant number of popular websites still allow users to choose weak or even single-character passwords, researchers at Georgia Institute of Technology have found. Websites’ lax creation policies for passwords The researchers used an automated account creation method
React to this headline:
Many popular websites still cling to password creation policies from 1985 Read More »
Short-term AWS access tokens allow attackers to linger for a longer while 07/12/2023 at 17:32 By Zeljka Zorz Attackers usually gain access to an organization’s cloud assets by leveraging compromised user access tokens obtained via phishing, by using malware, or by finding them in public code repositories. These are long-term access tokens associated with an
React to this headline:
Short-term AWS access tokens allow attackers to linger for a longer while Read More »
Keyless Goes Independent, Raises $6M for Biometric Authentication 29/11/2023 at 19:01 By Ryan Naraine British startup building biometric authentication technology has snagged $6 million in a new round of funding led by Rialto Ventures. The post Keyless Goes Independent, Raises $6M for Biometric Authentication appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
React to this headline:
Keyless Goes Independent, Raises $6M for Biometric Authentication Read More »
Okta breach: Hackers stole info on ALL customer support users 29/11/2023 at 14:16 By Zeljka Zorz The scope of the recent breach of the Okta customer support system is much wider than initially established, the company has admitted on Tuesday: the attackers downloaded a report that contained the names and email addresses of all Okta
React to this headline:
Okta breach: Hackers stole info on ALL customer support users Read More »
Strategies for cultivating a supportive culture in zero-trust adoption 29/11/2023 at 08:01 By Mirko Zorz In this Help Net Security interview, Wolfgang Goerlich, Advisory CISO at Cisco, discusses the benefits of implementing a mature zero-trust model for both security and business outcomes, revealing a decrease in reported security incidents and enhanced adaptability. Goerlich emphasizes the
React to this headline:
Strategies for cultivating a supportive culture in zero-trust adoption Read More »
How passkeys are reshaping user security and convenience 28/11/2023 at 08:34 By Mirko Zorz In this Help Net Security interview, Anna Pobletts, Head of Passwordless at 1Password, talks about passkey adoption and its acceleration in 2024. This trend is particularly notable among highly-regulated services like fintech and banking, where users seek a sign-in experience that
React to this headline:
How passkeys are reshaping user security and convenience Read More »