Category: Access control

July 20, 2023

If it seems like Remote Desktop Protocol (RDP) has been around forever, it’s because it has (at least compared to the many technologies that rise and fall within just a few years.) The initial version, known as “Remote Desktop Protocol […]

July 5, 2023

Secrets are meant to be hidden or, at the very least, only known to a specific and limited set of individuals (or systems). Otherwise, they aren’t really secrets. In personal life, a secret revealed can damage relationships, lead to social […]

June 30, 2023

Attain Insight released Attain Insight Security 4X version 4.0, an upgrade to its flagship security software. This latest release introduces new features and enhancements designed to fortify data protection, streamline compliance processes, and bolster user management across diverse enterprise environments. […]

June 26, 2023

In what’s an ingenious side-channel attack, a group of academics has found that it’s possible to recover secret keys from a device by analyzing video footage of its power LED. “Cryptographic computations performed by the CPU change the power consumption […]

June 20, 2023

Over 101,100 compromised OpenAI ChatGPT account credentials have found their way on illicit dark web marketplaces between June 2022 and May 2023, with India alone accounting for 12,632 stolen credentials. The credentials were discovered within information stealer logs made available […]

June 15, 2023

The revolutionary technology of GenAI tools, such as ChatGPT, has brought significant risks to organizations’ sensitive data. But what do we really know about this risk? A new research by Browser Security company LayerX sheds light on the scope and […]

June 9, 2023

The way we work has undergone a dramatic transformation in recent years. We now operate within digital ecosystems, where remote work and the reliance on a multitude of digital tools is the norm rather than the exception. This shift – […]

May 30, 2023

Cybersecurity researchers are warning about CAPTCHA-breaking services that are being offered for sale to bypass systems designed to distinguish legitimate users from bot traffic. “Because cybercriminals are keen on breaking CAPTCHAs accurately, several services that are primarily geared toward this […]

May 22, 2023

A proof-of-concept (PoC) has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim’s master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x […]

May 16, 2023

Operational technology (OT) cybersecurity is a challenging but critical aspect of protecting organizations’ essential systems and resources. Cybercriminals no longer break into systems, but instead log in – making access security more complex and also more important to manage and […]

May 12, 2023

In today’s interconnected world, where organisations regularly exchange sensitive information with customers, partners and employees, secure collaboration has become increasingly vital. However, collaboration can pose a security risk if not managed properly. To ensure that collaboration remains secure, organisations need […]

May 11, 2023

GitHub has announced the general availability of a new security feature called push protection, which aims to prevent developers from inadvertently leaking keys and other secrets in their code. The Microsoft-owned cloud-based repository hosting platform, which began testing the feature […]

April 27, 2023

After a 13-year-long wait, Google Authenticator has added a 2FA account-sync feature that allows its users to back up their 2FA code sequences into the cloud, after which they can restore them back into a new device. Though the process […]

April 13, 2023

Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. “While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they’re known and fixed, which […]

March 13, 2023

Passwords are still the weakest link in an organization’s network, as proven by the analysis of over 800 million breached passwords, according to Specops Software. The study found 88% of passwords used in successful attacks consisted of 12 characters or […]

March 10, 2023

1Password has launched Unlock with Single Sign-On (SSO) which enables enterprise customers to use Okta for unlocking their 1Password accounts, with Azure AD and Duo integration to follow in the coming months. Unlock with SSO helps IT teams improve their […]

March 7, 2023

F5 and Visa join forces to enable merchants to securely reduce login friction for their customers. Customers expect seamless commerce experiences and transactions to be secure. Yet, in today’s digital-first world, customers are under threat from bad actors looking to […]

March 2, 2023

The cybercrime economy centered around access to compromised systems, services, and networks has grown dramatically in the past year — with a sixfold increase in the number of credentials stolen via malware and offered for sale. With cyberattackers using information-stealing […]

February 16, 2023

Styra Load advances the capabilities of Open Policy Agent (OPA), and alleviates the effects of data-heavy authorization while reducing infrastructure costs and increasing authorization performance for platform engineering teams. Purpose-built for enterprises managing authorization with large data sets, Styra Load […]

February 10, 2023

1Password, one of the most well-known password managers around, will soon be getting rid of passwords altogether, opting to support passkeys instead. Touted as the successor to passwords, passkeys save credentials to your devices in a secure way, allowing you […]