Gwent Police failed to inform up to 450 people that hackers may have accessed their confidential information after it found that an online tool that allowed citizens to report incidents to the Police was exposed to hackers.
Does the US' FBI really need tech companies to provide backdoors in their products to gain access to illegal material stored there? Apparently not...as long as members of the Geek Squad are willing to do the agency's bidding.
Millennials use passwords less than others and as they come to dominate the workforce, their online authentication habits impact the way employers and technology companies provide access to devices and applications.
IT and security leaders must elevate IAM out of the realm of IT, via a programme management approach, so it becomes a business-wide initiative; IAM leaders need to assert themselves in digital transformation initiatives.
Multiple Chase Bank customer accounts in the US were exposed after what was described as a "glitch" granted customers looking to log into their own accounts access to the accounts of random customers instead.
Russian hacking group Fancy Bear, have exploited weakspots in the email systems of defence contract workers to access top secret information on US defence technology, including drones.
Bomgar has acquired Lieberman Software to help boost the company's secure access software portfolio and giving it access to Lieberman's privileged identity and credential management technology.
A society where identity authentication is allowed without users' volition would be a society where democracy is dead. The password as memorised secret is absolutely necessary says Hitoshi Kokumai.
The four main breaches of 2017 had various things in common. No matter how sophisticated the attack, they could all have been avoided. Whether due to a lack of interest, focus, urgency or all three, bad decisions were the key culprit.
For voice biometrics to become a cross-industry security standard, there is a greater need for a more advanced and robust solution says Nick Gaubitch.
It's vital that multi-factor authentication systems become the industry standard for securing both customer and internal IT accounts. By replacing the outdated password-username combination, most hackers are outfoxed.
A series of cyber-campaigns, jointly known as the Hex-Men Trio, that specifically target SQL Servers in order to use them to conduct additional attacks has been identified by Guardicore Labs.
The essence of IAM (identity and access management) is ensuring that the right people, have the right access, to the right resources, in the right ways, and that you can prove all those "rights" to the people that need to know.
Relying on usernames and passwords to authenticate user identity is irresponsible. If one of your tweaked passwords is lost or stolen, you should throw all versions of it away as hackers know that people tweak passwords.
Yesterday large parts of the world were without their LinkedIn accounts due to an SSL certificate expiry and those that were able to login were browsing without encryption, meaning all of their data was potentially at risk.
A root access flaw in Apple's macOS High Sierra 10.13.1 makes it possible for anyone to log into the system by typing "root" into the name field.
Enforcing authorisation directly at the data level can be incredibly powerful as it could mean minimal or no changes to the applications that are accessing the data itself says Jonas Iggbom.
Rémy Cointreau faced a challenge to create a more agile organisation through its IT infrastructure, providing employees with the ability to securely access applications from any device at any time and from anywhere.
Google issued a public apology on Thursday after a bug mistakenly caused its defences against malware, phishing, and spam to block some users' access to Google Docs files on 31 October.
A society where login without users' volition is allowed would be a society where democracy is dead says Hitoshi Kokumai
Marcell Gogan discusses the threat of privileged user access and how it often goes largely ignored
The government of Singapore is to shut off access to the internet of government agencies in an effort to preempt a cyber-attack or a data breach.
Automated attack breaks access system used by Google and Facebook
In 2015, the average company had roughly 9.9 million files accessible to every employee regardless of their roles.
François Amigorena explains how and why password sharing has become popular in business today
Take human memory out of the equation and passwords remain a viable access option says Emmanuel Schalit.
Unused accounts left by interns who have left to begin the new academic year pose a common security risk which could lead to data breaches according to security company Courion.
Privilege controls can work, but cannot cater for all eventualities, says Quocirca analyst Rob Bamforth.