Europol arrested a "high value" Russian-Canadian LockBit ransomware operator wanted in connection to high-profile cyber attacks on critical infrastructure and large industrial groups.
Staff Correspondent at CPO Magazine
Alicia Hope has been a journalist for more than 5 years, reporting on technology, cyber security and data privacy news.
Nation-state attacks on critical infrastructure and cyberespionage, and password attacks from ordinary cybercriminals increased tremendously within a year, according to Microsoft report.
Cybersecurity researchers disclosed a GitHub vulnerability that could allow attackers to hijack and poison thousands of popular open-source packages with millions of users which can lead to supply chain attacks.
eCommerce retailers face the most significant risk from automated malicious software, with hackers deploying advanced bad bots in nearly two-thirds of account takeover attacks.
One common weakness in conventional security is the password. Your organization becomes open to attack if a user's password is compromised, or even worse if the email address used for password resets is compromised.
Security companies and regulatory organizations (most notably NIST) have emphasized the advantages of a zero-trust security architecture for years. Rights are granted dynamically when needed, only to the appropriate level, and then they are removed when no longer required.
Privileged identity management and privileged account management are concerned with regulating and auditing access received through any form of administrative account connected to a system; whether on-premise, cloud, or hybrid.
One Identity's method of unified identity management, privileged accounts, and access consists of a number of standalone products that cooperate to address the troublesome issues pertaining to privileged accounts.
An enforced policy of quickly denying access to dismissed personnel should be a basic policy of every firm — and it's not that difficult to implement. Companies should not be caught in red tape and pointless procedures, prolonging the termination of the administrator's rights until it was already late.
A more precise allocation of power, policy-based management, activity tracking and automated procedures can add a layer of security to a category that is inherently risky while maintaining administrators should do their tasks quickly and successfully.
