Category: Access control

Access control, Security

How Organizations Can Prevent Users from Using Breached Passwords

December 4, 2020

Via: The Hacker News

There is no question that attackers are going after your sensitive account data. Passwords have long been a target of those looking to compromise your environment. Why would an attacker take the long, complicated way if they have the keys […]

Access control, Security, Threats & Malware, Vulnerabilities

Hackers Stealing and Selling VoIP Access

November 9, 2020

Via: DataBreach Today

Check Point Research has uncovered a large and likely profitable business model that involves hackers attacking and gaining control of certain VoIP services, which enables them to make phone calls through a company’s compromised system. During the first half of […]

Access control, Security

How to Protect Yourself From Pwned and Password Reuse Attacks

November 2, 2020

Via: The Hacker News

Many businesses are currently looking at how to bolster security across their organization as the pandemic and remote work situation continues to progress towards the end of the year. As organizations continue to implement security measures to protect business-critical data, […]

Access control, Security

Silo for Safe Access: A more secure web browser for some use cases

October 8, 2020

Via: CSO Online

The web browser has become a key component in the corporate security landscape as many core business applications are now web-based. But browsers are troublesome to secure, and browser and web application use is difficult to monitor in a meaningful […]

Access control, Security

AWS adds new S3 security and access control features

October 6, 2020

Via: Help Net Security

Amazon Web Services (AWS) has made available three new S3 (Simple Storage Service) security and access control features: Object Ownership Bucket Owner Condition Copy API via Access Points Object Ownership Object Ownership is a permission that can be set when […]

Access control, Hacker, Security, Threats & Malware

Flaws in leading industrial remote access systems allow disruption of operations

October 1, 2020

Via: Security Affairs

Security researchers from Israeli firm OTORIO found critical vulnerabilities in leading industrial remote access systems that could be exploited by attackers to ban access to industrial production floors, hack into company networks, tamper with data, and even steal sensitive business […]

Access control, Security

Risky development practice leaves company access keys exposed

September 15, 2020

Via: Computer Weekly

Company access keys, used by developers to authenticate into other systems, are all too frequently being left exposed to the public during the software development process, putting company data at risk of being compromised by malicious actors on the lookout […]

Access control, Security

Secure Your Zoom Account with Two-Factor Authentication

September 11, 2020

Via: Hot for Security

2FA makes Zoom video-conferencing accounts harder for hackers to compromise Users given option of app-based or SMS-based 2FA Admins can set 2FA policy for different user groups We’ve said it once, we’ve said it twice, we’ve said it one hundred […]

Access control, Security

Is now the time to deploy passwordless options?

August 25, 2020

Via: CSO Online

Over the past several years, experts have recognized that perhaps the best password strategy for your application logins is to have no password at all, what has been often labeled as “passwordless.” It is a bit of a misnomer, as […]

Access control, Cloud security, Security

Attackers exploit Twilio’s misconfigured cloud storage, inject malicious code into SDK

July 23, 2020

Via: Help Net Security

Twilio has confirmed that, for 8 or so hours on July 19, a malicious version of their TaskRouter JS SDK was being served from their one of their AWS S3 buckets. “Due to a misconfiguration in the S3 bucket that […]