Identity and Access Management
Identity and Access Management | News, how-tos, features, reviews, and videos
Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges
Proofpoint discovers threat actors targeting verified status in the Microsoft environment to abuse OAuth privileges and lure users into authorizing malicious apps.
How passkeys are changing authentication
Well-implemented passkeys can improve the user experience and make it harder for cybercriminals to launch phishing and other attacks.
The metaverse brings a new breed of threats to challenge privacy and security gatekeepers
If your organization isn’t already moving into the metaverse, it soon will be. Be warned: today’s security protocols and privacy laws may not apply to 3D worlds.
Study shows attackers can use ChatGPT to significantly enhance phishing and BEC scams
Researchers demonstrate how attackers can use the GPT-3 natural language model to launch more effective, harder-to-detect phishing and business email compromise campaigns.
Why it might be time to consider using FIDO-based authentication devices
Access codes sent by SMS or authenticator apps can be bypassed by clever phishing. Hardware-based tokens make that harder to do.
How acceptable is your acceptable use policy?
If users resent, fear, or ignore policies around the use of corporate resources, it may be time for a different approach that incentivizes rather than punishes.
Athletic shoe maker Brooks runs down cyberattacks with zero-trust segmentation
Protecting the most vital areas of the network first is a practical, doable defense, Brooks found when it implemented Illumio Core’s zero-trust segmentation platform.
Top 7 CIAM tools
Customer identity and access management (CIAM) is the basis to improve management and control of third parties’ access to a business. Here are the top seven CIAM tools currently in the market.
Almost half of customers have left a vendor due to poor digital trust: Report
New research from DigiCert has found that digital trust is a key driver of customer loyalty, with 84% of customers saying they would consider leaving a vendor that did not manage digital trust.
ForgeRock set to roll out new IAM capabilities designed for the cloud
Automation and AI are the headliners for ForgeRock’s new IAM platform, which aims to simplify an increasingly complex identity and security landscape.
Okta streamlines IAM portfolio with consumer identity management cloud
Incorporation of Auth0 features and more closely integrated management highlights new cloud-based IAM (identity and access management) system.
8 top multi-factor authentication products and how to choose an MFA solution
Learn the key considerations when choosing an MFA solution and why these top picks are worth a look.
Top considerations when choosing a multi-factor authentication solution
Choosing the right MFA solution for a Microsoft environment that covers all authentication needs will reduce stress on your IT admins and help desk.
How legacy tech impedes zero trust and what to do about it
Old perimeter-based defenses can throw up roadblocks to implementing a zero-trust strategy, but a measured, phased approach will see you through.
Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan
Password manager vendor releases new credential security and support service features, along with a new low-cost option for small businesses.
Dell launches new cybersecurity resources to enhance zero-trust adoption, cyber resilience
Dell announces several new cybersecurity resources including a Zero Trust Center of Excellence that will incorporate the US Department of Defense Zero Trust Reference Architecture.
97% of enterprises say VPNs are prone to cyberattacks: Study
Since the shift to remote and hybrid work, 44% of organizations have witnessed an increase in exploits targeting VPNs, and many are moving toward zero-trust security, according to a report from Zscaler.
The deepfake danger: When it wasn’t you on that Zoom call
Deepfakes pose a real threat to security and risk management and it’s only going to get worse as the technology develops and bad actors can access malicious offerings such as deepfakes as a service.