access control

Network Security

Issued by: Dark Reading

2020 saw a hugely accelerated evolution in the cybersecurity landscape. The pandemic pushed workforces remote and caused companies to move up plans for digital transformation, cloud services, and a plethora of remote access technologies. Meanwhile, the traditional operating models are not and will not be completely replaced in most organizations, and organizations have been left…

Vulnerabilities

Issued by: Help Net Security

For the second time in less than a week, VMware is warning about a critical vulnerability (CVE-2020-4006). This time, the affected solutions are VMware Workspace One Access, Access Connector, VMware Identity Manager and VMware Identity Manager Connector. As some of these are components of the VMware Cloud Foundation (vIDM) and vRealize Suite Lifecycle Manager (vIDM)…

Network Security

Issued by: Help Net Security

Amazon Web Services (AWS) has made available three new S3 (Simple Storage Service) security and access control features: Object Ownership Bucket Owner Condition Copy API via Access Points Object Ownership Object Ownership is a permission that can be set when creating a new object within an S3 bucket, to enforce the transfer of new object…

Network Security

Issued by: Help Net Security

Many organizations across the globe fall short of effectively managing access for third-party users, exposing them to significant vulnerabilities, breaches and other security risks, One Identity reveals. Most organizations grant third-party users access to their network Based on a Dimensional Research-conducted survey of more than 1,000 IT security professionals, the research evaluates organizations’ approaches to…

Cloud Security

Issued by: Help Net Security

Addressing security concerns around connected ecosystems

The convergence of IoT applications with emerging technologies such as artificial intelligence, Big Data, and context-aware computing could help address current security concerns around connected ecosystems. Pervasive security through context-aware access control is one of the future areas currently being explored by developers.

Network Security

Issued by: CIO Security

FBI director floats international framework on access to encrypted data

FBI director James Comey has suggested that an international agreement between governments could ease fears about IT products with government-mandated backdoors, but privacy advocates are doubtful. Speaking on Thursday, Comey suggested that the U.S. might work with other countries on a “framework” for creating legal access to encrypted tech devices.

Software Security

Issued by: CSO

Privacy groups claim FBI hacking operation went too far

Privacy advocates are claiming in court that an FBI hacking operation to take down a child pornography site was unconstitutional and violated international law. That’s because the operation involved the FBI hacking 8,700 computers in 120 countries, based on a single warrant, they said.

Vulnerabilities

Issued by: Security Week

These Were the Most Common Passwords Used in 2016

Although weak and commonly used passwords have long been one of the most used venues to compromise accounts, they remain at the top of the most popular passwords charts, a recent Keeper Security report reveals. Last year’s mega-breaches once again brought to the spotlight the long-lasting issue of weak passwords, but users remained deaf to…

Network Security

Issued by: Security Intelligence

Access Management Resolution in the Digital Era

There seems to be continuing confusion about what access management means. In layman’s terms, accessing an application implies the process of authentication — i.e., opening a browser or accessing a link — where you may be prompted to enter your credentials. If the user provides the right set of credentials, he or she gains access…