Identity and Access Management

Identity and Access Management | News, how-tos, features, reviews, and videos

Microsoft Windows 7 security patches/updates
Multifactor authentication  >  Mobile phone verification of a permission request for laptop login.

social engineering fraud impersonation neon face with hoodie by photo by sebastiaan stam on unsplash

Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges

Proofpoint discovers threat actors targeting verified status in the Microsoft environment to abuse OAuth privileges and lure users into authorizing malicious apps.

Many keys, one lock  >  Brute-force credential stuffing.

How passkeys are changing authentication

Well-implemented passkeys can improve the user experience and make it harder for cybercriminals to launch phishing and other attacks.

metaverse

The metaverse brings a new breed of threats to challenge privacy and security gatekeepers

If your organization isn’t already moving into the metaverse, it soon will be. Be warned: today’s security protocols and privacy laws may not apply to 3D worlds.

Impersonation / disguise / fraud / false identity / identity theft

Study shows attackers can use ChatGPT to significantly enhance phishing and BEC scams

Researchers demonstrate how attackers can use the GPT-3 natural language model to launch more effective, harder-to-detect phishing and business email compromise campaigns.

access control / authentication / privileges / security / key

Why it might be time to consider using FIDO-based authentication devices

Access codes sent by SMS or authenticator apps can be bypassed by clever phishing. Hardware-based tokens make that harder to do.

byod mobile tablets smartphones users devices

How acceptable is your acceptable use policy?

If users resent, fear, or ignore policies around the use of corporate resources, it may be time for a different approach that incentivizes rather than punishes.

Conceptual image of a network labeled 'Zero Trust.'

Athletic shoe maker Brooks runs down cyberattacks with zero-trust segmentation

Protecting the most vital areas of the network first is a practical, doable defense, Brooks found when it implemented Illumio Core’s zero-trust segmentation platform.

A circuit key at the center of a system of integrated security: endpoints/devices/networks/apps/etc.

Top 7 CIAM tools

Customer identity and access management (CIAM) is the basis to improve management and control of third parties’ access to a business. Here are the top seven CIAM tools currently in the market.

analytics mistrust 2

Almost half of customers have left a vendor due to poor digital trust: Report

New research from DigiCert has found that digital trust is a key driver of customer loyalty, with 84% of customers saying they would consider leaving a vendor that did not manage digital trust.

cloud security

ForgeRock set to roll out new IAM capabilities designed for the cloud

Automation and AI are the headliners for ForgeRock’s new IAM platform, which aims to simplify an increasingly complex identity and security landscape.

cloud security

Okta streamlines IAM portfolio with consumer identity management cloud

Incorporation of Auth0 features and more closely integrated management highlights new cloud-based IAM (identity and access management) system.

Multi-factor authentication (MFA) / two-factor authentication (2FA) / one-time security code

8 top multi-factor authentication products and how to choose an MFA solution

Learn the key considerations when choosing an MFA solution and why these top picks are worth a look.

Multifactor authentication  >  A mobile phone displays a digital key to a lock on a user's laptop.

Top considerations when choosing a multi-factor authentication solution

Choosing the right MFA solution for a Microsoft environment that covers all authentication needs will reduce stress on your IT admins and help desk.

Conceptual image of a network labeled 'Zero Trust.'

How legacy tech impedes zero trust and what to do about it

Old perimeter-based defenses can throw up roadblocks to implementing a zero-trust strategy, but a measured, phased approach will see you through.

Conceptual image of password entry amid binary code.

Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan

Password manager vendor releases new credential security and support service features, along with a new low-cost option for small businesses.

Dell Active Pen

Dell launches new cybersecurity resources to enhance zero-trust adoption, cyber resilience

Dell announces several new cybersecurity resources including a Zero Trust Center of Excellence that will incorporate the US Department of Defense Zero Trust Reference Architecture.

VPN on iPhone

97% of enterprises say VPNs are prone to cyberattacks: Study

Since the shift to remote and hybrid work, 44% of organizations have witnessed an increase in exploits targeting VPNs, and many are moving toward zero-trust security, according to a report from Zscaler.

A binary mask.

The deepfake danger: When it wasn’t you on that Zoom call

Deepfakes pose a real threat to security and risk management and it’s only going to get worse as the technology develops and bad actors can access malicious offerings such as deepfakes as a service.

Load More
You Might Also Like