In a video interview, a panel of experts describes why implementing a "zero trust" architecture for the remote workforce during the COVID-19 pandemic requires redefining access control and security strategies.
Over the course of three days, ISMG and SecureAuth teamed up for a series of virtual roundtable discussions on the future of identity security. Bil Harmer of SecureAuth reflects on these discussions and how they inform his view of the factors influencing both the present and future of identity.
As phishing campaigns and hacker attacks spread during the COVID-19 global pandemic, it's more important than ever for organizations to promptly report fraud to authorities to help them crack down on cybercrime, says Dr. Karnika Seth cyberlaw expert and advocate at Supreme Court of India.
Singapore's open banking effort has expanded the attack surface, and the only effective defense is to enhance threat intelligence sharing among banks, retailers and third parties, says Tom Wills, a Singapore-based cybersecurity practitioner who is a consultant for financial institutions.
With a global remote workforce, the concept of secure identity has never been more critical. What is the present and future of identity? In a preview of an upcoming virtual roundtable discussion, SecureAuth's Bil Harmer shares his vision.
If you conduct business online, provide your customers and partners with secure web-access to your systems, or just have a brand worth spoofing, it is very likely your brand is already being exploited via email or the web. This attack technique has gone well beyond the big internet brands like Microsoft, ebay, and...
Emotions about the global pandemic are running high, and attackers are taking advantage. Researchers have observed criminals spreading malware by impersonating official sources, distributing malicious COVID-19 maps and trackers, and malvertising on coronavirus-related news stories.
As security professionals, we...
The FBI this week seized the domain of Deer.io, which federal authorities describe as a clearinghouse for stolen data and cybercriminal services operating from Russia. The alleged administrator of the now-shuttered site has been arrested and charged.
Account Takeover is now a ubiquitous term, and ATO prevention has become a high priority for cybersecurity leaders. But most of the effort is put toward thwarting high-volume, automated credential stuffing. Less understood are "targeted ATO attacks." Highly effective and difficult to detect, they cause huge damage to...
Twitter says it has fixed an API problem that would have allowed someone to match phone numbers en masse to corresponding accounts, which could potentially unmask anonymous users. The flaw could have been found and exploited by state-sponsored actors, the social media firm warns.
For close to three years, a technology executive was hounded by a persistent attacker who stole his identity, opened credit cards in his name, and wired funds from his bank account. Though SpyCloud helped bring this particular criminal to justice, these tactics are common in targeted attacks.
If your account...
One of biggest challenges of complying with Thailand's Personal Data Protection Act, which will go into effect in May, is managing the consent of customers, says Surachai Chatchalermpun, CISO with Krung Thai Bank, the nation's largest state bank.