Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Digital Identity

WatchGuard

How Identity Security Enhances Network and Endpoint Security

Jul 19, 2024 By Sam Manjarres In WatchGuard
The intersection of identity, endpoint, and network security is becoming increasingly self-evident. Despite all their efforts, modern organizations continue to struggle to safeguard their data and prevent unauthorized access. The Verizon Data Breach Investigations report for 2024 continues to highlight that human elements were a component of 68% of breaches.
Read Post
securitysenses

The Importance of Know Your Business (KYB) in the Fintech World

Jul 19, 2024 By SecuritySenses In SecuritySenses
In the dynamic and rapidly evolving fintech industry, regulatory compliance and risk management are crucial for maintaining trust and ensuring sustainability. One critical component of this regulatory framework is the Know Your Business (KYB) process. KYB involves verifying the legitimacy and credentials of business clients and partners, ensuring they are who they claim to be, and assessing their potential risks. In the fintech world, KYB is essential for mitigating fraud, ensuring compliance with regulations, and fostering a trustworthy ecosystem.
Read Post
cyberark

CIO POV: Rethinking Data Security Post-Snowflake Customer Attacks

Jul 17, 2024 By Omer Grossman In CyberArk
Watching the recent Snowflake customer attacks unfold felt a bit like rewatching a horror movie with predictable attack sequences and missed opportunities to run to safety. But this time, the ending was far more devasting. More than 100 organizations were exposed, and many are now grappling with the impacts of data theft and extortion in what some are calling one of the largest breaches in history.
Read Post
cyberark

Identity Crisis: The Curious Case of a Delinea Local Privilege Escalation Vulnerability

Jul 16, 2024 By Brenden Meeder In CyberArk
During a recent customer engagement, the CyberArk Red Team discovered and exploited an Elevation of Privilege (EoP) vulnerability (CVE-2024-39708) in Delinea Privilege Manager (formerly Thycotic Privilege Manager). This vulnerability allowed an unprivileged user to execute arbitrary code as SYSTEM. CyberArk responsibly disclosed this vulnerability to Delinea, including the exploit proof of concept (POC) code, as part of our commitment to contributing to the security community.
Read Post
cyberark

What 'Passwordless' Really Means for Privileged Access Management

Jul 11, 2024 By Sam Flaster In CyberArk
Privileged access management (PAM) programs aim to secure the highest-risk access in an organization, including using privileged credentials like passwords, SSH keys and application secrets. So, how can PAM and identity security teams prepare for a passwordless future? The answer lies in a deeper examination of what ‘passwordless’ really means and how PAM programs are modernizing to protect new identities and environments.
Read Post
cyberark

EP 56 - Time as Attack Surface

Jul 10, 2024 By CyberArk In CyberArk
In the latest episode of the Trust Issues podcast, the focus is on the criticality of time in organizational security. The conversation with host David Puner and guest Katherine Mowen, SVP of Information Security at Rate (formerly Guaranteed Rate), highlights the importance of swift decision-making and prompt threat response. They discuss the role of just-in-time (JIT) access and AI in accelerating response times, as well as the ever-evolving threat landscape that requires constant vigilance.
Read Post
cyberark

Why Implementing Identity Security Doesn't Have to Be Complicated

Jul 10, 2024 By Andrey Pozhogin In CyberArk
Every organization is different, with its own unique needs, challenges and goals. That means that IT solutions, and especially IT security, must be complex tools that are highly configurable and adaptable to various scenarios. IT security solutions must be flexible and robust enough to handle many situations.
Read Post
cyberark

The Current State of Browser Cookies

Jul 8, 2024 By Alon Zahavi In CyberArk
When you hear “cookies,” you may initially think of the delicious chocolate chip ones. However, web cookies function quite differently than their crumbly-baked counterparts. Website cookies are small data chunks, usually saved in a database, that websites transfer onto your computer or mobile device to save data and information about you. They enable sites to identify users and remember helpful information to enhance their experience.
Read Post
idcentral

Understanding Transaction Monitoring in Anti-Money Laundering (AML)

Jul 2, 2024 By Mohini Sahu In IDcentral
Transaction monitoring in the realm of Anti-Money Laundering (AML) is a critical process that financial institutions employ to detect and prevent illicit activities such as money laundering, terrorist financing, and fraud. As regulatory scrutiny intensifies globally, the importance of robust transaction monitoring systems cannot be overstated.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.