Privileged User Management News, Articles and Updates

Recommendations for cloud security: do the basics and plan for the worst

Don't keep secret or sensitive information in plain text; ensure regular patching; deploy 'least-privilege' to staff; use 2FA and secure password protocols; plan for what to do in the event of a breach and don't try to cover them up.

CCleaner attackers gained access to app developer's network via TeamViewer

The attackers who infected 2.27 million machines last year using a modified version of the computer maintenance app CCleaner gained unauthorised access to the developer's network using remote access program TeamViewer.

How poor privileged account management enables serious security breaches

There is a tendency for companies to simply lose track of their privileged accounts; 70 percent of organisations failed to fully discover all of the privileged accounts on their systems.

Prevent your greatest assets from becoming your greatest threats

Advanced privilege management solutions are simple to deploy and easily integrated with different systems, meaning businesses can enjoy security peace of mind without impacting user productivity, while cutting helpdesk calls.

Decoding DevOps security - implementing a coherent & compliant programme

It is crucial to devise a programme early on that enables the curation, and distribution via automation, of consistent security policies for access to cloud keys and credentials—in a compliant way.

There's a lot we can learn from 2017's 'big four' breaches

The four main breaches of 2017 had various things in common. No matter how sophisticated the attack, they could all have been avoided. Whether due to a lack of interest, focus, urgency or all three, bad decisions were the key culprit.

Insider threats: Suffering from the detective's curse

Recent research shows 41 per cent of UK respondents stating that they have complete trust in employees with privileged access. This isn't a good position to be in.

Interview: Understanding zero trust models - Akamai's preferred approach

Patrick Sullivan, director, security technology and strategy at Akamai Technologies explains the concept of Zero Trust perimeters and cloud perimeters in an interview with SC Media UK's editor-in-chief, Tony Morbin.

The three key trends compromising credentials and allowing criminal access

One of the best ways for organisations to lock down data and ensure their "crown jewels" can only be accessed by those necessary is by implementing a privileged account strategy says Lavi Lazarovitz.

Understanding the threat of privilege identity theft

You'd think hackers will attempt social engineering exploits on your privileged users. In reality, it is more likely they will aim for a softer initial target. But once within the network, hackers will move onto their true target, the privileged user.

Intel Management Engine vulnerabilities expose millions of PCs to attack

Intel researchers identified an elevation of privilege exploits in various product families which could enable a system crash or system instability, among other issues.

The security risks of ghost users: 1 in 4 accounts are inactive

Some 26 percent of all accounts surveyed were of 'stale enabled users'; accounts - and 90 percent in one case.The risk is two-fold: ex-employee with unauthorised access, and the account can be hijacked by an external hacker.

Stopping a 3rd party IT supplier data breach taking down a government

Government organisations responsible for highly sensitive information must ensure that if they are trusting a third-party IT supplier, they have a comprehensive privileged access management strategy in place says Csaba Krasznay

If you could break into your company systems, what would you do?

Privileged access - not people - is the true insider threat says David Higgins. Securing privileged accounts should be on-going with continuous evaluation and adjustments to improve security as the threat landscape changes.

Critical patches target privilege escalation

Half of this months Patch Tuesday releases are critical, many addressing privilege escalation.

The rise of state-sponsored cyber attacks

Never underestimate just how valuable enterprise data is to cyber-criminals, from low-level thieves to extremely well-funded (and therefore, well-armed) state-sponsored attackers, says Matt Middleton-Leal.

Dumb PIN-reset Android malware found in the wild

Aggressive Lockerpin ransomware seizes admin control and changes PIN code to something that even the attackers don't know.

Privileged identities are at the core of today's cyber attacks

Given the difficulty of preventing them, we should focus instead on minimising the damage from cyber-attacks, says Philip Lieberman.

Is your summer intern more prepared than you?

Your business needs to secure itself against the new wave of Summer Interns, says Chris Sullivan.

ISIS hackers take control of French TV station

Hackers claiming to be closely associated with ISIS took French TV station TV5Monde offline for hours and defaced its social media sites earlier today.

Research reveals hackers are increasingly exploiting privileged accounts

New research claims that the security threats landscape is now almost egalitarian in nature, with almost every industry - and every company - now being a security target.

Guarding against insider misuse

Track and audit changes on the network, especially by privileged users, and make it known that monitoring happens in order to reduce misuse says Michael Fimin.

The top 8 ways that privileged accounts are exploited

Failure to properly monitor and update privileged access is a key vulnerability and Chris Stoneff highlights the leading weaknesses.

Windows app privileges subverted

Researchers have spotted new attack vectors being used to exfiltrate company online banking credentials.

Cyber-Ark introduces privileged user detection tool

Cyber-Ark has announced the launch of a 'Discovery & Audit' (DNA) product that aims to enable users to scan and identify privileged accounts.