identity
The surprising truth about identity security confidence
Organizations most confident in their identity security are often the least prepared, according to a new report from BeyondID. The study reveals a troubling gap between what …
What 50 companies got wrong about cloud identity security
Most organizations still miss basic identity security controls in the cloud, leaving them exposed to breaches, audit failures, and compliance violations. A new midyear …
Online crime-as-a-service skyrockets with 24,000 users selling attack tools
The growth of AI-based technology has introduced new challenges, making remote identity verification systems more vulnerable to attacks, according to iProov. Innovative and …
Self-sovereign identity could transform fraud prevention, but…
The way we manage digital identity is fundamentally broken. The root of the problem lies in traditional, centralized identity models, where a single organization holds and …
Deepfakes force a new era in fraud detection, identity verification
The rise in identity fraud over the past two years has significantly impacted all industries, especially finance, banking, fintech, and crypto, according to Regula. With …
Balancing usability and security in the fight against identity-based attacks
In this Help Net Security interview, Adam Bateman, CEO of Push Security, talks about the rise in identity-based attacks, how they’re becoming more sophisticated each year, and …
Machine identities are the next big target for attackers
86% of organizations had a security incident related to their cloud native environment within the last year, according to Venafi. As a result, 53% of organizations had to …
46% of financial institutions had a data breach in the past 24 months
As the financial industry is the most targeted sector for data breaches in 2024, it’s now more important than ever to strengthen the industry moving into 2025, according to …
Cross-IdP impersonation bypasses SSO protections
Cross-IdP impersonation – a technique that enables attackers to hijack the single sign-on (SSO) process to gain unauthorized access to downstream software-as-a-service …
What 2025 holds for user identity protection
In this Help Net Security video, David Cottingham, President of rf IDEAS, discusses what he sees as the most prominent areas for improvement and continued change in the space: …
The changing face of identity security
It’s easy to see why identity security is often synonymous with user security. Social engineering tactics are the mainstay of the threat actor’s arsenal, and it’s rare to find …
Apple’s 45-day certificate proposal: A call to action
In a bold move, Apple has published a draft ballot for commentary to GitHub to shorten Transport Layer Security (TLS) certificates down from 398 days to just 45 days by 2027. …
Featured news
Resources
Don't miss
- Redis patches critical “RediShell” RCE vulnerability, update ASAP! (CVE-2025-49844)
- Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882)
- How to get better results from bug bounty programs without wasting money
- Hackers launch data leak site to extort 39 victims, or Salesforce
- Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882)