credentials

The NHI management challenge: When employees leave

authentication, credentials, cybersecurity, Don't miss, Entro, Expert analysis, Expert corner, framework, Hot stuff, News, Non Human Identities, opinion /

The NHI management challenge: When employees leave 2024-10-15 at 08:01 By Help Net Security An employee is exiting your organization. Regardless of the terms of departure, an ex-staffer has the potential when they leave or change roles to impact a wide range of non-human identities, digital credentials, and other secrets. Those secrets include the credentials […]

React to this headline:

Loading spinner

The NHI management challenge: When employees leave Read More »

The role of self-sovereign identity in enterprises

1Kosmos, authentication, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, News, opinion, regulation /

The role of self-sovereign identity in enterprises 2024-10-08 at 07:31 By Help Net Security As personal data becomes increasingly commodified and centralized, the need for individuals to reclaim control over their identities has never been more urgent. Meanwhile, traditional identity systems used by enterprises often expose sensitive information to unnecessary risk, leaving both users and

React to this headline:

Loading spinner

The role of self-sovereign identity in enterprises Read More »

Cracking the Cloud: The Persistent Threat of Credential-Based Attacks

Cloud, cloud security, credentials, Identity & Access /

Cracking the Cloud: The Persistent Threat of Credential-Based Attacks 2024-10-01 at 16:01 By Kevin Townsend Credentials are still the most common entry point for bad actors, even as businesses deploy multi-factor authentication (MFA) to strengthen defenses. The post Cracking the Cloud: The Persistent Threat of Credential-Based Attacks appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Cracking the Cloud: The Persistent Threat of Credential-Based Attacks Read More »

Reducing credential complexity with identity federation

authentication, credentials, cybersecurity, Descope, Don't miss, Features, Hot stuff, identity management, News, opinion, SSO /

Reducing credential complexity with identity federation 2024-10-01 at 07:01 By Mirko Zorz In this Help Net Security interview, Omer Cohen, Chief Security Officer at Descope, discusses the impact of identity federation on organizational security and user experience. He explains how this approach streamlines credential management and enhances security by leveraging trusted identity providers while simplifying

React to this headline:

Loading spinner

Reducing credential complexity with identity federation Read More »

Hackers breaching construction firms via specialized accounting software

brute-force, credentials, Don't miss, enterprise, Hot stuff, Huntress, News, privileged accounts, SMBs /

Hackers breaching construction firms via specialized accounting software 2024-09-18 at 17:16 By Zeljka Zorz Firms in the construction industry are getting breached by hackers via internet-exposed servers running Foundation accounting software, Huntress researchers are warning. “We’re seeing active intrusions among plumbing, HVAC, concrete, and similar sub-industries,” they noted. A way into corporate networks Ohio-based Foundation

React to this headline:

Loading spinner

Hackers breaching construction firms via specialized accounting software Read More »

Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633)

credentials, Don't miss, Dynatrace, enterprise, file-sharing, Fortra, Hot stuff, News, SQL injection, Tenable, vulnerability /

Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) 2024-08-28 at 12:02 By Zeljka Zorz Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials (CVE-2024-6633). “Once logged in to the HSQLDB, the attacker can perform malicious operations in the database. For

React to this headline:

Loading spinner

Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) Read More »

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom

AWS, cloud security, credentials, data theft, Don't miss, extortion, Hot stuff, misconfiguration, News, Palo Alto Networks /

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom 2024-08-15 at 17:16 By Zeljka Zorz Cybercriminals are breaking into organizations’ cloud storage containers, exfiltrating their sensitive data and, in several cases, have been paid off by the victim organizations to not leak or sell the stolen data. “The attackers

React to this headline:

Loading spinner

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom Read More »

Stolen Credentials Have Turned SaaS Apps Into Attackers’ Playgrounds

Black Hat, credential stuffing, credentials, Identity & Access, SaaS /

Stolen Credentials Have Turned SaaS Apps Into Attackers’ Playgrounds 2024-08-08 at 18:01 By Kevin Townsend SaaS app log analysis highlights the rapid smash and grab raid: in, steal, and leave in 30 minutes. The post Stolen Credentials Have Turned SaaS Apps Into Attackers’ Playgrounds appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Stolen Credentials Have Turned SaaS Apps Into Attackers’ Playgrounds Read More »

Risk related to non-human identities: Believe the hype, reject the FUD

access control, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, News, opinion, Sweet Security /

Risk related to non-human identities: Believe the hype, reject the FUD 2024-07-15 at 08:01 By Help Net Security The hype surrounding unmanaged and exposed non-human identities (NHIs), or machine-to-machine credentials – such as service accounts, system accounts, certificates and API keys – has recently skyrocketed. A steady stream of NHI-related breaches is causing some of

React to this headline:

Loading spinner

Risk related to non-human identities: Believe the hype, reject the FUD Read More »

From passwords to passkeys: Enhancing security and user satisfaction

authentication, Compliance, credentials, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, passwordless, passwords, regulation, Stytch /

From passwords to passkeys: Enhancing security and user satisfaction 2024-06-20 at 07:01 By Mirko Zorz In this Help Net Security interview, Julianna Lamb, Stytch CTO, discusses the advantages of passwordless authentication. Eliminating passwords reduces data breaches and improves user experience by simplifying the login process. Lamb also addresses the technical challenges and economic implications of

React to this headline:

Loading spinner

From passwords to passkeys: Enhancing security and user satisfaction Read More »

Medibank breach: Security failures revealed (lack of MFA among them)

Australia, credentials, data breach, Don't miss, extortion, Hot stuff, Medibank, MFA, News /

Medibank breach: Security failures revealed (lack of MFA among them) 2024-06-18 at 17:31 By Zeljka Zorz The 2022 Medibank data breach / extortion attack perpetrated by the REvil ransomware group started by the attackers leveraging login credentials stolen from a private computer of an employee of a Medibank’s IT contractor. According to a statement by

React to this headline:

Loading spinner

Medibank breach: Security failures revealed (lack of MFA among them) Read More »

The number of known Snowflake customer data breaches is rising

cloud security, credentials, data breach, data theft, Don't miss, enterprise, extortion, Hot stuff, News, Snowflake /

The number of known Snowflake customer data breaches is rising 2024-06-10 at 15:46 By Zeljka Zorz LendingTree subsidiary QuoteWizard and automotive parts provider Advance Auto Parts have been revealed as victims of attackers who are trying to sell data stolen from Snowflake-hosted cloud databases. Snowflake says that their investigation is still ongoing, but continues to

React to this headline:

Loading spinner

The number of known Snowflake customer data breaches is rising Read More »

Snowflake compromised? Attackers exploit stolen credentials

credentials, data breach, data theft, Don't miss, enterprise, extortion, Hot stuff, Hudson Rock, Mitiga, News, Snowflake /

Snowflake compromised? Attackers exploit stolen credentials 2024-05-31 at 22:17 By Zeljka Zorz Have attackers compromised Snowflake or just their customers’ accounts and databases? Conflicting claims muddy the situation. What is Snowflake? Snowflake is cloud-based data storage and analytics company based in the US, and claims nearly 9,500 organizations around the world as customers. “From an

React to this headline:

Loading spinner

Snowflake compromised? Attackers exploit stolen credentials Read More »

Product showcase: Alert – Data breach detector for your email, credit card, and ID

credentials, data breach, Don't miss, email security, Hot stuff, News, Product showcase, Surfshark /

Product showcase: Alert – Data breach detector for your email, credit card, and ID 2024-05-24 at 08:31 By Help Net Security Compared to the last quarter of 2023, data breaches rose from 81M to 435M in Q1 2024. That’s a 5-fold increase in just a few months. One of the most common ways data breaches

React to this headline:

Loading spinner

Product showcase: Alert – Data breach detector for your email, credit card, and ID Read More »

Strategies for combating AI-enhanced BEC attacks

access management, Artificial Intelligence, BEC scams, credentials, cybercrime, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, remote working, scams, strategy, TeamViewer /

Strategies for combating AI-enhanced BEC attacks 2024-05-21 at 07:31 By Mirko Zorz In this Help Net Security interview, Robert Haist, CISO at TeamViewer, discusses how AI is being leveraged by cybercriminals to enhance the effectiveness of BEC scams. How is AI being leveraged by cybercriminals to enhance the effectiveness of BEC scams? BEC attacks are

React to this headline:

Loading spinner

Strategies for combating AI-enhanced BEC attacks Read More »

CISA warns about Sisense data breach

CISA, credentials, data breach, Don't miss, Hot stuff, News, Sisense /

CISA warns about Sisense data breach 2024-04-11 at 17:31 By Zeljka Zorz Business intelligence / data analytics software vendor Sisense has apparently suffered a data breach that spurred the company and the US Cybersecurity and Infrastructure Security Agency to push the company’s customers to “reset credentials and secrets potentially exposed to, or used to access,

React to this headline:

Loading spinner

CISA warns about Sisense data breach Read More »

Strengthening defenses against nation-state and for-profit cyber attacks

access management, credentials, critical infrastructure, cyberattacks, cybersecurity, Don't miss, Hot stuff, identity, MFA, Video, Xage Security /

Strengthening defenses against nation-state and for-profit cyber attacks 2024-04-04 at 06:32 By Help Net Security There is an urgent need to secure tactical, operational, and strategic critical assets from the edge to the core. In this Help Net Security video, Geoffrey Mattson, CEO of Xage Security, discusses the steps enterprises and critical infrastructure must take

React to this headline:

Loading spinner

Strengthening defenses against nation-state and for-profit cyber attacks Read More »

Optimized by Optimole
Scroll to Top