Don't keep secret or sensitive information in plain text; ensure regular patching; deploy 'least-privilege' to staff; use 2FA and secure password protocols; plan for what to do in the event of a breach and don't try to cover them up.
The attackers who infected 2.27 million machines last year using a modified version of the computer maintenance app CCleaner gained unauthorised access to the developer's network using remote access program TeamViewer.
There is a tendency for companies to simply lose track of their privileged accounts; 70 percent of organisations failed to fully discover all of the privileged accounts on their systems.
Advanced privilege management solutions are simple to deploy and easily integrated with different systems, meaning businesses can enjoy security peace of mind without impacting user productivity, while cutting helpdesk calls.
It is crucial to devise a programme early on that enables the curation, and distribution via automation, of consistent security policies for access to cloud keys and credentials—in a compliant way.
The four main breaches of 2017 had various things in common. No matter how sophisticated the attack, they could all have been avoided. Whether due to a lack of interest, focus, urgency or all three, bad decisions were the key culprit.
Recent research shows 41 per cent of UK respondents stating that they have complete trust in employees with privileged access. This isn't a good position to be in.
Patrick Sullivan, director, security technology and strategy at Akamai Technologies explains the concept of Zero Trust perimeters and cloud perimeters in an interview with SC Media UK's editor-in-chief, Tony Morbin.
One of the best ways for organisations to lock down data and ensure their "crown jewels" can only be accessed by those necessary is by implementing a privileged account strategy says Lavi Lazarovitz.
You'd think hackers will attempt social engineering exploits on your privileged users. In reality, it is more likely they will aim for a softer initial target. But once within the network, hackers will move onto their true target, the privileged user.
Intel researchers identified an elevation of privilege exploits in various product families which could enable a system crash or system instability, among other issues.
Some 26 percent of all accounts surveyed were of 'stale enabled users'; accounts - and 90 percent in one case.The risk is two-fold: ex-employee with unauthorised access, and the account can be hijacked by an external hacker.
Government organisations responsible for highly sensitive information must ensure that if they are trusting a third-party IT supplier, they have a comprehensive privileged access management strategy in place says Csaba Krasznay
Privileged access - not people - is the true insider threat says David Higgins. Securing privileged accounts should be on-going with continuous evaluation and adjustments to improve security as the threat landscape changes.
Half of this months Patch Tuesday releases are critical, many addressing privilege escalation.
Never underestimate just how valuable enterprise data is to cyber-criminals, from low-level thieves to extremely well-funded (and therefore, well-armed) state-sponsored attackers, says Matt Middleton-Leal.
Aggressive Lockerpin ransomware seizes admin control and changes PIN code to something that even the attackers don't know.
Given the difficulty of preventing them, we should focus instead on minimising the damage from cyber-attacks, says Philip Lieberman.
Your business needs to secure itself against the new wave of Summer Interns, says Chris Sullivan.
Hackers claiming to be closely associated with ISIS took French TV station TV5Monde offline for hours and defaced its social media sites earlier today.
New research claims that the security threats landscape is now almost egalitarian in nature, with almost every industry - and every company - now being a security target.
Track and audit changes on the network, especially by privileged users, and make it known that monitoring happens in order to reduce misuse says Michael Fimin.
Failure to properly monitor and update privileged access is a key vulnerability and Chris Stoneff highlights the leading weaknesses.
Researchers have spotted new attack vectors being used to exfiltrate company online banking credentials.
Cyber-Ark has announced the launch of a 'Discovery & Audit' (DNA) product that aims to enable users to scan and identify privileged accounts.