Several programmable logic controllers (PLCs) from Schneider Electric’s Modicon series that automate industrial processes in factories, energy utilities, HVAC systems and other installations are impacted by a flaw that could allow hackers to bypass their authentication mechanism and execute malicious code.
An obvious way forward in enhancing access security is multifactor authentication (MFA). All these attacks key on traditional credentials, usernames and passwords, which are past their expiration date as a legitimate security measure.
This content can realistically replicate or alter appearance, voice, mannerisms or vocabulary with the aim of tricking targets both human and autonomous into believing that what they see, hear or read is authentic and trustworthy.
Authentication remains one of the most painstaking challenges faced by CISOs in organizations large and small. Authentication a significant obstacle for modern CISOs. Authentication continues to test CISOs for several reasons, with its modern definition being the first to address, Netskope CISO Lamont Orange tells CSO.
GitHub announced a security update due to a bug causing issues with the authentication of sessions. On March 2, GitHub received an external report of anomalous behavior for their authenticated GitHub.com user session. This would give them the valid and authenticated session cookie for another user. How did GitHub fix the issue?
Here, I will talk about advanced authentication and how to strengthen your digital defense. Traditional authentication techniques, such as passwords and PINs, are no longer enough to safeguard against sophisticated assaults.
The hackers impersonated two high-profile PHP developers, but the code commits were not very subtle and were detected within hours when other developers reviewed them.
A new next-generation access and authentication platform powered by artificial intelligence was launched Wednesday by SecureAuth. The days of granting blanket trust after initial authentication are over, says SecureAuth CEO Paul Trulove. "If,
These are used for authentication, encryption, access control and many other aspects of modern security and they all require cryptographically secure random numbers -- sequences of numbers or symbols that are chosen in a way that's unpredictable by an attacker.
Credential compromise has been one of the top causes for network security breaches for a long time, which has prompted more organizations to adopt multi-factor authentication (MFA) as a defense. It's a simple yet effective technique that has become known as MFA fatigue and was also used in the recent Uber breach.
Descope has launched its first product, a platform designed to help developers add authentication and user management capabilities to their business-to-consumer and business-to-business applications. The Descope platform aims to make it easier to build passwordless authentication, according to the company.
CISOs looking to beef up their customer-facing authentication procedures to thwart cyberattacks need to walk a fine line. Selecting the most appropriate authentication method for your customers is something of a moving target because consumer attitudes are always changing.
These security and useability shortcomings have driven the search for alternative approaches known generally as passwordless authentication. Passkeys are a kind of passwordless authentication that is seeing increasing focus and adoption. Inherent useability problems make passwords difficult for users to manage safely.
Every business needs a secure way to collect, manage, and authenticate passwords. Storing passwords in the browser and sending one-time access codes by SMS or authenticator apps can be bypassed by phishing. Unfortunately, no method is foolproof.
As the core of Windows enterprise networks, Active Directory, the service that handles user and computer authentication and authorization, has been well studied and probed by security researchers for decades.
This article will give you an understanding of how crypto wallets work and the role they play in authentication. Mainstream cyber security businesses are already working on this, accelerating the blockchain-enabled security landscape. What is a crypto wallet?
Microsoft will soon change the mandate to multi-factor authentication (MFA) with changes to Microsoft 365 defaults. Specifically, we will start with customers who aren’t using Conditional Access, haven’t used security defaults before, and aren’t actively using legacy authentication clients.”
Authentication-related attacks grew in 2022, taking advantage of outdated, password-based authentication systems, according to a study commissioned by HYPR, a passwordless multifactor authentication (MFA) provider based in the US.
Remote code execution and authentication bypass. VMware vCenter is used by enterprises to manage virtual machines, the VMware vSphere cloud virtualization solution, ESXi hypervisors, and other virtualized infrastructure components.
The attacks can be executed remotely without authentication because MLflow doesn't implement authentication by default and an increasing number of MLflow deployments are directly exposed to the internet. It's pretty brutal."
Risk-based authentication (RBA), also called adaptive authentication, has come of age, and it couldn’t happen fast enough for many corporate security managers. What is risk-based authentication? It creates a risk profile of the person or device requesting access to the system.
Dan Meacham is chief information security officer and CSO with Legendary Entertainment, the production company behind Godzilla vs. Kong and other popular films such as The Dark Knight and Jurassic World. If they can pass this authentication process, then they don’t even need a password to log in. Legendary Entertainment).
Since some of these attacks exploit design decisions in the authentication protocols used inside Windows networks, they cannot be simply patched by Microsoft with changes in software. Organizations need to take defense-in-depth measures that involve stricter configurations and additional controls to protect themselves.
Using multi-factor authentication (MFA) is one of the key components of an organization's Identity and Access Management (IAM) program to maintain a strong cybersecurity posture. Having multiple layers to verify users is important, but MFA fatigue is also real and can be exploited by hackers.
Any security guidance will tell you that multi-factor authentication (MFA) is a key method to keep attackers out. While it protected parts of the authentication process, it did not protect Outlook Web Access (OWA), which uses basic authentication. Passwords clearly are not enough to protect networks.
Paul speaks with Caleb Sima, the CSO of the online trading platform Robinhood, about his journey from teenage cybersecurity phenom and web security pioneer, to successful entrepreneur to an executive in the trenches of protecting high value financial services firms from cyberattacks. Caleb Sima is the CSO at Robinhood.
Multifactor authentication (MFA) provider Beyond Identity has announced the launch of Zero Trust Authentication — a sub-category of zero trust security that the firm says aligns verification with zero-trust principles.
and hackers have developed ways to bypass multi-factor authentication (MFA) on cloud productivity services like Microsoft 365 (formerly Office 365). According to the researchers, the campaign they analyzed is widespread and targets large transactions of up to several million dollars each.
Enable multi-factor authentication (MFA) to access your applications and services, especially for admin access to platforms and backend systems. About the essayist: Den Jones, CSO at Banyan Security, which supplies simple, least-privilege, multi-cloud application access technologies. Food for thought, eh!
BastionZero has announced the release of SplitCert to provide password-free authentication access to databases. It uses Mutual TLS (mTLS) and cryptographic multi-party computation (MPC) to provide certificate-based authentication for popular, self-hosted Postgres and MongoDB databases, according to the vendor.
These families are related to the circumvention of authentication and backdoor access to these devices, but they are not necessarily related to each other and have been observed in separate investigations.
Data security and management vendor has announced the 7.0 software release of its Cohesity Data Cloud platform. The release provides customers with enhanced cyber resiliency capabilities to help protect and secure data against cyberattacks, the firm stated in its announcement.
ForgeRock is adding a new passwordless authentication capability, called Enterprise Connect Passwordless, to its flagship Identity Platform product to help eliminate the need for user passwords in large organizations.
“It took nearly 11 months (328 days) to identify and contain data breaches resulting from stolen or compromised credentials.” – IBM’s Cost of Data Breach Report 2023 I recently came across a 2012 article from CSO Online, and realized that it has been more than 11 years since the phrase “Identity is the new perimeter” was coined!
Customer identity and access management (CIAM), a subset of identity access management (IAM), is used to manage authentication and authorization of account creation and login process for public facing applications.
News of a cloud misconfiguration at Wegmans serves as yet another example of the complexity of IT systems as organizations migrate to the cloud, said Rick Tracy, CSO at Telos Corporation. Tracy said companies really need to understand the shared security model of the cloud providers.
This essential CSO guide outlines the robust account monitoring, access notifications, multi-factor authentication, deception technology, and user controls crucial for implementing unmatched account security across your organization.
These include a new Dark Web Insights tool that provides a breakdown of compromised passwords, a standalone authenticator app for enabling account multi-factor authentication (MFA), and a low-cost starter plan for small businesses. Password manager vendor Dashlane has announced updates to its suite of enterprise offerings.
For more information about how Duo is paving the way for passwordless authentication, visit our Passwordless Authentication preview page, where you can also sign up for updates about our upcoming passwordless solution. Find out how Duo can help you transition to passwordless seamlessly and securely. BSides Is Back, Too!
Microsoft’s June security update is light on details but heavy on possible long-term impact to network environments. It updates a patch fixing an issue for a DCOM Server security feature bypass (CVE-2021-26414). What exactly is it fixing? A Japanese security bulletin offers some hints.
Zero trust security provider Xage Security has added a multilayer identity and access management (IAM) solution to its decentralized access control platform Xage Fabric to secure assets in different layers of operational technology (OT) and industrial control systems (ICS) environments.
If I go to a CSO and say, ‘We can secure your APIs,’ he’ll say, ‘Great, can you also find them for me?’ ” observed Dwivedi, Data Theorem’s founder. Instead, what it did was allow anyone with a usps.com account to modify a wildcard search without authentication permissions. And that’s just one phone. Velocity without security.
Many of us are still using NTLM to authenticate to our networks especially for remote access during the pandemic. This old but well-used protocol was the default for network authentication in the Windows NT 4.0 operating system. It is less secure than more modern protocols such as Kerberos.