The Spanish High Court on Monday sided with the country's data regulator, the Spanish Data Protection Agency, to uphold a three-month ban on OpenAI founder Sam Altman's controversial digital identity and cryptocurrency platform Worldcoin due to privacy concerns.
A post-SolarWinds move away from Active Directory Federation Services to Azure AD - now known as Entra ID - didn't necessarily stop hackers from forging single sign-on authentication messages, warn security researchers from Semperis, who unveiled an attack they dub "Silver SAML."
Okta's 90-day push to improve its security architecture and operations after a crippling October 2023 data breach delivered quick results, CEO Todd McKinnon said. Okta over the past quarter reduced credential stuffing attempts and malicious bot traffic for its largest customers by more than 90%.
SSH Communications Security CEO Teemu Tunkelo left the Finnish cybersecurity vendor abruptly Monday after low license sales in late 2023 slowed the company's growth. No reason was given for Tunkelo's departure, which stems from an agreement between the CEO and SSH and will take effect immediately.
Britain's privacy watchdog ordered Serco Leisure, which operates nearly 40 leisure facilities, to cease using facial recognition and fingerprint scanning for clocking employees in and out, saying the company failed to demonstrate such technology was "necessary or proportionate."
In the latest weekly update, Jeremy Grant of Venable LLP joins editors at ISMG to discuss the state of secure identity in 2024, the challenges in developing next-generation remote ID proofing systems, and the potential role generative AI can play in both compromising and protecting identities.
California privileged access management vendor Delinea announced it will acquire identity governance and administration vendor Fastpath. "We believe privilege, not just identity, is the true security perimeter," said Delinea Chief Product Officer Phil Calvin.
Jeff Shiner, CEO of the popular password management company 1Password, said Monday that the company is acquiring leading device security platform Kolide in response to the "historic transformation of the workplace that demands transformative and intuitive new security solutions."
When a hospital or clinic is hit with a cyberattack, it often seems as if the electronic health record systems just can't win. Even if the EHR system is not the prime target of the attack, it's still frequently taken off line as the organization responds to the incident. What should entities do?
Protecting our identities is extremely important. An identity fabric is a robust identity control framework, but before you can roll one out, you need to understand all aspects of the IAM life cycle, assess all the areas of risk and make sure that remediation controls are in place.
With ever-increasing threats of cyberattacks, outages, and data breaches, building digital trust into business operations is as crucial as it’s ever been. But most companies know they could be doing more to assess and avoid vulnerabilities in the enterprise, in the software supply chain, and with connected/IoT...
In the latest weekly update, Joe Sullivan, CEO of Ukraine Friends, joins three editors at ISMG to discuss the challenges of being a CISO in 2024, growing threats from disinformation, vulnerabilities in MFA, AI's role in cybersecurity, and the obstacles to public-private information sharing.
Entrust, a pioneer payment, identity and data security software and services provider, is in talks to acquire Onfido, a pioneer in cloud-based, AI-powered identity verification technology, for a reported $400 million. The combined solution will help customers fight identity fraud.
Okta announced layoffs amounting to 7% of its workforce in a restructuring that will cost 400 employees their jobs. Thursday's disclosure is the second round of layoffs the company has undergone in the past 12 months. CEO Todd McKinnon said the cuts are needed to run Okta with "greater efficiency."
A nation-state hacking group run by Russian intelligence gained access to a Microsoft "legacy, non-production test tenant account" and used it to authorize malicious Office 365 OAuth applications, access Outlook, and steal Microsoft and customers' emails and attachments, Microsoft said.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.