The new imperative in API security strategy
Of the 239 vulnerabilities, 33% (79 out of 239) were associated with authentication, authorization and access control (AAA) — foundational pillars of API security, according …
Is the new OWASP API Top 10 helpful to defenders?
The OWASP Foundation’s Top Ten lists have helped defenders focus their efforts with respect to specific technologies and the OWASP API (Application Programming Interface) …
Adapting authentication to a cloud-centric landscape
In this Help Net Security interview, Florian Forster, CEO at Zitadel, discusses the challenges CISOs face in managing authentication across increasingly distributed and remote …
Password reset woes could cost FTSE 100 companies $156 million each month
Password resets could unnecessarily cost FTSE 100 businesses over $156 million every month, according to MyCena Security Solutions. This raises the question of the necessity …
CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie
The attackers who pulled off the recent breach of continuous integration and continuous delivery (CI/CD) platform maker CircleCI got in by compromising an engineer’s …
Are your cybersecurity investments making you less resilient?
In the past decade, digital transformation has become a buzzword in nearly every industry. Organizations have scaled down workforces in favor of automation, moved their …
Why are many businesses still not using a password manager?
Why are we still talking about passwords? We already have single sign-on (SSO), and passwordless is the new buzzword everyone is talking about, but when you put yourself in …
Account pre-hijacking attacks possible on many online services
Online accounts getting hijacked and misused is an everyday occurrence, but did you know that account pre-hijacking attacks are also possible? Inspired by previous research on …
Shadow IT is a top concern related to SaaS adoption
Torii announced a report revealing that 69% of tech executives believe shadow IT is a top concern related to SaaS – or cloud application – adoption. The majority of …
How to contain a privileged access breach and make sure it doesn’t happen again
When attackers pull off a privileged access breach, they have a beachhead into your network. Regardless of whether it’s software or users that are ill-protected, threat actors …
The importance of balancing security requirements and employee user experience
LastPass released the findings of an IDC survey which revealed that “balancing company security requirements and the employee user experience” is the number one identity …
How to ease password pains while maintaining security
As much as any industry, healthcare must deal with a security landscape that is fraught with challenges and tensions. Health delivery organizations (HDOs) operate under …
Featured news
Sponsored
Don't miss
- Meta introduces default end-to-end encryption for Messenger and Facebook
- New RCE vulnerability in Apache Struts 2 fixed, upgrade ASAP (CVE-2023-50164)
- December 2023 Patch Tuesday forecast: ‘Tis the season for vigilance
- Aim for a modern data security approach
- Short-term AWS access tokens allow attackers to linger for a longer while