News, Insight and Analysis

News

• Telegram bots allowing hackers to steal OTP codes

  A simplified new attack tool based on Telegram scripts is allowing criminals to steal one-time password credentials and take over user accounts and drain bank funds. Continue Reading

• Beware of proxyware: Connection-sharing services pose risks

  Cisco Talos warns that sharing internet connections with random people via third-party app like Honeygain and Peer2Profit could lead to malware installations and other threats. Continue Reading

• Researchers discover critical flaw in Azure Cosmos DB

  Wiz security researchers found a new attack vector in Microsoft Azure, which if exploited could allow an attacker to gain access to customers primary keys. Continue Reading

• FBI watchlist exposed by misconfigured Elasticsearch cluster

  A terrorist watchlist was found in an exposed database, and security researcher Bob Diachenko says there is no way of knowing just how long it was open to the public. Continue Reading

• SonicWall warns of 'imminent' SMA 100/SRA ransomware attacks

  SonicWall said that those who fail to update or disconnect their vulnerable SMA 100 and SRA devices are 'at imminent risk of a targeted ransomware attack.' Continue Reading

Get Started

• Working with PowerShell Secret Management and Secret Vault

  The two new PowerShell modules put API keys, credentials and other secrets under lock and key to protect sensitive information in automation and remoting scenarios. Continue Reading

• Get a grasp on using group managed service accounts

  When you create a group managed service account, it relieves some administrative duties and bolsters the security related to passwords for services in a Windows environment. Continue Reading

• Get to know cloud-based identity governance capabilities

  As enterprise cloud adoption increases, the market for cloud identity governance is expected to expand. Learn more about the use cases, benefits and available product options. Continue Reading

• Understanding the zero trust-SDP relationship

  Zero trust is a complicated framework that spans the IT stack. Find out how software-defined perimeter can address zero trust's network-level access requirements. Continue Reading

• Quiz: Network security authentication methods

  There are many methods available to authenticate users requesting access to an organization's systems. Test your knowledge with this quiz on authentication in network security. Continue Reading

Evaluate

• Blockchain for identity management: Implications to consider

  Blockchain has changed the way IAM authenticates digital identities. Consider these 14 implications when asking how and where IAM can benefit your organization. Continue Reading

• How cloud adoption is shaping digital identity trends in 2021

  Expert Carla Roncato explains what organizations need to know about emerging digital identity and security trends for the cloud, including CASB, CIEM and zero trust. Continue Reading

• Corral superuser access via SDP, privileged access management

  Keeping control of superusers is an ongoing challenge. Employing SDP and privileged access management can make the job easier. But can SDP replace PAM? Continue Reading

• RSA Conference 2021: 3 hot cybersecurity trends explained

  In a lightning round session at RSA Conference, ESG analysts discussed three of the hottest topics in cybersecurity in 2021: zero trust, XDR and SASE. Continue Reading

• Despite confusion, zero-trust journey underway for many

  Zero trust is a catchy phrase with seemingly lofty goals. Uncover the reality behind one of infosec's hottest buzzphrases, and learn why it's within reach for many companies today. Continue Reading

Manage

• How to implement machine identity management for security

  In IAM, companies must consider whether machines, applications and devices have the appropriate identities and access authorizations when communicating behind the scenes. Continue Reading

• 5 steps to secure the hybrid workforce as offices reopen

  Companies must now face the security challenges of overseeing a hybrid workforce as employees return to the office. Continue Reading

• Stay in control with Azure AD Privileged Identity Management

  Rampant use of elevated privileges can prove hazardous to enterprises. Rein in access and manage resource access with help from this Azure Active Directory feature. Continue Reading

• 7 privileged access management best practices

  Privileged access is a given in enterprise environments, but it presents many security issues if breached. Follow these seven PAM best practices to mitigate risk. Continue Reading

• 2021 IT priorities require security considerations

  AI, IoT and 5G are among the top IT priorities for CIOs and CTOs in 2021. Is your team prepared to address each tech's security needs? Continue Reading

Problem Solve

• 6 persistent enterprise authentication security issues

  Some authentication factors are considered more secure than others but still come with potential drawbacks. Learn about the most common enterprise authentication security issues. Continue Reading

• Active Directory replication troubleshooting tips and tools

  When replication between domain controllers breaks down, just about everything else will grind to a halt. These utilities can help pinpoint the Active Directory issues. Continue Reading

• How security teams can prevent island-hopping cyberattacks

  Learn how to prevent island-hopping cyberattacks to keep hackers from gaining the confidence of a phishing victim who could then accidentally commit corporate financial fraud. Continue Reading

• Top 2 post-COVID-19 CISO priorities changing in 2020

  CISO priorities for 2020 were upended when the COVID-19 pandemic hit. Learn two ways forward-thinking CISOs are planning to deal with the new normal. Continue Reading

• Active Directory nesting groups strategy and implementation

  Does your current Active Directory permissions setup spark joy? If not, then it's time to unscramble that confusing design into something that's easier to use and maintain. Continue Reading