Product marketing manager from Thycotic, Erin Ducan, discusses privileged access in this Digital Summit session. Erin sets the stage with this: “We know that cyber attackers are utilizing new technology and automation to discover vulnerabilities more rapidly. For most organizations, the attack surface into which these attackers can infiltrate is massive. It is filled with hundreds,
With stolen credentials an easy find online, what are some measures to put in place to keep hackers from breaking into secure accounts? Sumit Agarwal takes credit for coining the term “credential stuffing.” He served as deputy assistant secretary of defense under President Obama and, in 2011, while working at the Pentagon, he began to
Have a hard time coming up with the answers to these puzzle questions? We know a great place to look for more clues… Snuggle up with your hot beverage of choice, take a break from the perils of facing reality, and hack away at The Edge’s Dark Reading cybersecurity crossword puzzle. It might be just
Phishing ratings, security ratings, human-ness ratings — we are looking at a future filled with grades of security and trustworthiness. But there is a downside. Rating systems to help businesses make decisions are everywhere — credit scores determine whether a person can get a loan and at what interest rate, scores on standardized exams can
Mobile security experts share their go-to advice for protecting iPhones from hackers, thieves, and fraudsters. 1 of 11 Now more than ever, we depend on smartphones to keep us connected to each other, to our employers, to our finances and healthcare providers. We use our phones to shop, bank, and access corporate applications and information.
Cross-site scripting has been around longer than most security professionals have been on the job. Why is it still such an issue when we’ve known about it for so long? In cyber security, attention is concentrated on the new — zero-day exploits, for example, are big news and big business. But old threats can still
Enterprise Vulnerabilities From DHS/US-CERT’s National Vulnerability Database CVE-2020-12431PUBLISHED: 2020-05-21
A Windows privilege change issue was discovered in Splashtop Software Updater before 18.104.22.168. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with result… CVE-2020-12828PUBLISHED: 2020-05-21
The long debate over whether encryption and anonymity shield too much criminal behavior also has staged a resurgence. Nations whose governments pursue a centralized model of contact tracing are more likely to see a massive surge in citizens adopting privacy-enhancing technologies — in some cases by a factor of 10x or more, according to messaging security
In contrast, Q1 2019 saw more interest in selling and buying access to individual servers. The first quarter of 2020 saw a dramatic rise in Dark Web offers to sell access to enterprise networks, with the number of posts advertising access up 69% compared with the fourth quarter of 2019, according to a new report.
Researchers shows most “flight-risk” employees planning to leave an organization tend to start stealing data two to eight weeks before they go. More than 80% of employees planning to leave an organization bring its data with them. These “flight-risk” individuals were involved in roughly 60% of insider threats analyzed in a new study. Researchers analyzed