Semperis researcher Eric Woodruff discovered Silver SAML - a new technique used to launch attacks from an identity provider against applications configured to use it for authentication. How does it differ from Golden SAML, and how can enterprises respond to the threat? Woodruff shares insight.
As cyberthreats continue to evolve, organizations are increasingly turning to advanced technological solutions to mitigate risks. Kris Burkhardt, CISO, Accenture, discusses how organizations are adopting passwordless systems and using generative AI to bolster their defenses.
The feds have expanded regulations for cybersecurity with the long-awaited NIST CSF 2.0 standards, and the new guidelines place more emphasis on overall risk management, as well as the "outsized role of identity in the context of a zero trust security posture," said Rohit Ghai, CEO, RSA.
In today's cybersecurity landscape, where threats such as ransomware evolve rapidly, organizations must shift their cybersecurity approach from technology-based to risk-based, said Niloofar Razi Howe, chair of the board, Pondurance. The opposite of that, she said, is to respond to threats as they come.
Expert insights into today’s top cybersecurity trends and attacker developments for 15 years running.
In this 15th edition, M-Trends provides an inside look at the evolving cyber threat landscape, with data drawn directly from frontline incident response investigations and threat intelligence findings of...
Adversaries seeking easy access to enterprise networks continue to probe for weak multifactor authentication deployments, oftentimes via nontargeted attacks that lead to phishing pages designed to steal one-time codes, said Joe Toomey, head of security engineering at cyber insurer Coalition.
The National Security Agency last month issued guidance on advancing zero trust programs through the network and environment pillar, with a key focus on microsegmentation. While the concept of microsegmentation is nothing new, why is the NSA behind it? And when will others follow?
Microsoft, Okta and CyberArk remained atop Forrester's workforce identity rankings, while OneLogin tumbled from the leaders' spot. The shift toward digital platforms and growing adoption of cloud services have been pivotal in driving the evolution of workforce identity platforms.
Federal regulators are sounding an alarm to warn healthcare sector entities of cyberattacks involving a tried-and-true hacking method - credential harvesting, which can be used to compromise patient data, disrupt healthcare operations and enable other crimes.
Healthcare and public health (HPH) organizations face mounting pressures to modernize authentication and implement Zero Trust in response to cyber threats, which are not only costly ($10.93M USD global average data breach cost, up 53% since 2020) and disruptive, but the majority of which (82%) can be traced back to...
Attacks in pharma can have a debilitating impact on the timely delivery of drugs, a risk to both patient safety and national security. 40% of pharmaceutical organizations report that a cyber intrusion caused outages that affected productivity, safety, compliance, revenue or brand image.
Download this whitepaper to...
Traditionally, organizations think of phishing-resistant authentication and not phishing-resistant users.
Users often move across platforms (Apple, Google, Microsoft) and devices (smartphones, laptops, tablets) and between personal and corporate apps and services in the course of their day. Healthcare and...
The most significant security incidents in healthcare can be attributed to either a phishing attack (45%) or ransomware (17%), according to a HIMSS survey.
Most cyberattacks in healthcare focus on weaknesses such as the low implementation of security controls, with only 34% of healthcare respondents applying...
The Spanish High Court on Monday sided with the country's data regulator, the Spanish Data Protection Agency, to uphold a three-month ban on OpenAI founder Sam Altman's controversial digital identity and cryptocurrency platform Worldcoin due to privacy concerns.