December 12, 2024 at 08:28AM Oasis Security revealed a critical vulnerability, AuthQuake, allowing bypass of Microsoft’s multi-factor authentication (MFA). Reported in June, a temporary fix was issued before a permanent one in October. The exploit required no user interaction and could quickly grant access to sensitive accounts, affecting over 400 million Office 365 users. ### … Read more
December 10, 2024 at 08:04AM Astrix Security, a startup focusing on securing non-human identities, has raised $45 million in Series B funding, totaling $85 million. Investors include Menlo Ventures, Workday Ventures, and BVP. The company addresses identity management challenges and has expanded its workforce significantly to serve major clients like Workday and Netapp. ### Meeting … Read more
November 26, 2024 at 02:38PM Amazon Web Services updated Amazon Cognito, enhancing identity and access management capabilities for developers. Key features now include passwordless login options, a streamlined developer console, and tiered pricing (Lite, Essentials, Plus) based on user needs. Enhanced security features are available in the higher tiers, excluding AWS GovCloud regions. ### Meeting … Read more
November 21, 2024 at 05:36PM Apono has updated its Cloud Access Platform, allowing automatic discovery and revocation of standing access to enhance security across cloud environments. This update supports Just-in-Time, Just-Enough access, reducing vulnerabilities while maintaining operational efficiency. In-person demonstrations will be held at AWS re:Invent from December 2-6. Visit www.apono.io for details. ### Meeting … Read more
November 18, 2024 at 10:05AM The cybersecurity landscape is evolving rapidly, driven by increasing threats and the exploitation of AI by cybercriminals. Companies are significantly raising cybersecurity budgets, yet attacks continue to escalate. As specialized solutions are in demand, companies that harness emerging technologies to enhance security will likely experience substantial growth in the sector. … Read more
November 18, 2024 at 09:00AM Research by GitGuardian and CyberArk reveals a rise in secrets leaks among IT decision-makers, with over 12.7 million hardcoded credentials exposed on GitHub. Organizations face lengthy remediation times and unclear ownership of security responsibilities. A shared responsibility model between developers and security teams could enhance credential management and reduce risks. … Read more
November 7, 2024 at 10:40AM Organizations can enhance cybersecurity by implementing essential measures like security awareness training, multi-factor authentication (MFA), and Zero Trust identity management, which help mitigate the risks posed by the human element. The article emphasizes the importance of these strategies in staying proactive against cybersecurity threats. **Meeting Takeaways:** 1. **Key Cybersecurity Strategies:** … Read more
November 6, 2024 at 01:31AM Google Cloud will require mandatory multi-factor authentication (MFA) for all users by the end of 2025 to enhance security. The rollout will occur in three phases, starting November 2024. This initiative aligns with similar efforts by competitors Amazon and Microsoft amid rising concerns over phishing and credential theft. ### Meeting … Read more
October 22, 2024 at 07:30AM Service accounts in Active Directory are essential yet pose security risks due to their elevated privileges if unmanaged. This guide details methods for locating and securing these accounts, highlighting Silverfort’s automated solutions for discovery, monitoring, and access protection, ultimately enhancing an organization’s security posture against potential breaches. ### Meeting Takeaways: … Read more
October 15, 2024 at 08:10AM Organizations increasingly rely on digital technologies, making identity the key security perimeter. Despite adopting security measures like MFA and single sign-on, many accounts remain vulnerable to attacks. Research indicates significant gaps in MFA usage and password security, with high risks of credential stuffing and phishing due to weak practices. ### … Read more