While 2FA is being implemented more often and users are more frequently protecting their accounts, we need to see these numbers double or triple what we see today for us to be confident that the internet is safer.
US-based speech recognition software firm Nuance announced the breach of thousands of patient records after a third party gained unauthorised access.
Hackers were able to gain unauthorised access to the IT platform of Rail Europe's e-commerce websites for three long months before the firm was alerted to a possible breach by one of its banks.
While Russian-affiliated actors who took aim at US state election systems and the US voting process likely didn't change votes, in a few states they were able to access US voter registration databases.
Two-factor authentication may not be the panacea of securing access to online accounts that many believe it is as KnowBe4's Kevin Mitnick shows how easily this defensive measure can be spoofed.
F-Secure finds millions of hotel rooms at risk from hackers. The key card given out by hotels to guests to access their rooms may not be as secure as thought.
Web trackers like Bandsintown are exploiting the "Login with Facebook" feature to gain access to data from the social media firm's users, according a report by security researchers at the Freedom to Tinker blog.
Nearly 70 percent of successful ransomware attacks in 2017 were the result of hackers gaining access to enterprise networks by phishing via email or social media network.
Gwent Police failed to inform up to 450 people that hackers may have accessed their confidential information after it found that an online tool that allowed citizens to report incidents to the Police was exposed to hackers.
Does the US' FBI really need tech companies to provide backdoors in their products to gain access to illegal material stored there? Apparently not...as long as members of the Geek Squad are willing to do the agency's bidding.
Millennials use passwords less than others and as they come to dominate the workforce, their online authentication habits impact the way employers and technology companies provide access to devices and applications.
IT and security leaders must elevate IAM out of the realm of IT, via a programme management approach, so it becomes a business-wide initiative; IAM leaders need to assert themselves in digital transformation initiatives.
Multiple Chase Bank customer accounts in the US were exposed after what was described as a "glitch" granted customers looking to log into their own accounts access to the accounts of random customers instead.
Russian hacking group Fancy Bear, have exploited weakspots in the email systems of defence contract workers to access top secret information on US defence technology, including drones.
Bomgar has acquired Lieberman Software to help boost the company's secure access software portfolio and giving it access to Lieberman's privileged identity and credential management technology.
A society where identity authentication is allowed without users' volition would be a society where democracy is dead. The password as memorised secret is absolutely necessary says Hitoshi Kokumai.
The four main breaches of 2017 had various things in common. No matter how sophisticated the attack, they could all have been avoided. Whether due to a lack of interest, focus, urgency or all three, bad decisions were the key culprit.
For voice biometrics to become a cross-industry security standard, there is a greater need for a more advanced and robust solution says Nick Gaubitch.
It's vital that multi-factor authentication systems become the industry standard for securing both customer and internal IT accounts. By replacing the outdated password-username combination, most hackers are outfoxed.
A series of cyber-campaigns, jointly known as the Hex-Men Trio, that specifically target SQL Servers in order to use them to conduct additional attacks has been identified by Guardicore Labs.
The essence of IAM (identity and access management) is ensuring that the right people, have the right access, to the right resources, in the right ways, and that you can prove all those "rights" to the people that need to know.
Relying on usernames and passwords to authenticate user identity is irresponsible. If one of your tweaked passwords is lost or stolen, you should throw all versions of it away as hackers know that people tweak passwords.
Yesterday large parts of the world were without their LinkedIn accounts due to an SSL certificate expiry and those that were able to login were browsing without encryption, meaning all of their data was potentially at risk.
A root access flaw in Apple's macOS High Sierra 10.13.1 makes it possible for anyone to log into the system by typing "root" into the name field.
Enforcing authorisation directly at the data level can be incredibly powerful as it could mean minimal or no changes to the applications that are accessing the data itself says Jonas Iggbom.
Rémy Cointreau faced a challenge to create a more agile organisation through its IT infrastructure, providing employees with the ability to securely access applications from any device at any time and from anywhere.
Google issued a public apology on Thursday after a bug mistakenly caused its defences against malware, phishing, and spam to block some users' access to Google Docs files on 31 October.
A society where login without users' volition is allowed would be a society where democracy is dead says Hitoshi Kokumai
Marcell Gogan discusses the threat of privileged user access and how it often goes largely ignored