Shadow IT and misconfigured application programming interfaces (APIs) accounted for the vast majority of security incidents in the cloud last year, according to the 2021 IBM Security X-Force Cloud Threat Landscape Report.
Security teams who aim to control secure access to networked applications and sensitive data often focus on the authentication of user credentials. Yet, the explosive growth of connected devices and machines in today’s enterprises exposes critical security vulnerabilities within machine-to-machine communications, where no human is involved.
In the past, passwords were the key to accessing systems and platforms, and they held much value as a security measure for businesses. But over time, the threat landscape has evolved, and weaknesses have been discovered in standard encryption methods that have diminished the password’s value.
The Website Planet research team, in cooperation with security researcher Jeremiah Fowler, discovered a non-password-protected database that contained just under one billion records. The exposed records revealed usernames, display names, and emails for WordPress accounts.
Nearly half (48%) of organizations do not have a user verification policy in place for password reset calls to IT service desks, according to a new Specops Software survey, which highlights social engineering vulnerabilities among IT service help desks.
Removing passwords is a solid goal as they are fraught with vulnerability issues – reuse, common construction patterns and the almighty leaked password problem. These are the three reasons why most organizations are not ready to abandon on-premises Active Directory and move towards a cloud-only model.
Comparitech researchers set up honeypots on the web to lure in attackers and record their actions. They recorded 73,000 attacks in 24 hours. The honeypots were left unsecured so that no authentication was required to access and attack them. Using this method, Comparitech researchers sought to find out which types of attacks would occur, at what frequency, and where they would come from.
A recent Dell Technologies Brain on Tech study found that when people were tasked with logging into a computer with a long, difficult password, their stress not only increased by 31% within 5 seconds, but it continued to rise even after successfully logging in. Password stress goes hand in hand with a growing appetite for biometrics on devices. Dave Konetski, VP/Fellow of Dell Technologies Client Solutions Group, believes that as technologies like fingerprint readers and facial recognition continue to gain popularity, "this year’s Change Your Password Day may mark a shift or perhaps a beginning to the end of passwords as we know it."
Enterprises worldwide are accelerating the adoption of passwordless authentication technologies in response to the increase in cybersecurity threats in 2020, according to a new report released by HYPR, The Passwordless Company and Cybersecurity Insiders.
Dashlane announced the findings of its new Workplace Security Survey which looked at employee sentiment and habits around workplace security practices—and who the responsibilities should fall on. As many companies continue to grapple with a remote workforce, overall employee security measures become more critical, especially as many are relying on personal devices and networks for work. The online survey, conducted by The Harris Poll on behalf of Dashlane among over 1,200 employed U.S. Americans, sheds light on how employees view and manage company security—and reveals they aren’t necessarily taking the security of their work accounts as seriously as they should.