Apple's latest desktop operating system, High Sierra, has a massive vulnerability that allows anyone to create, without a password, a "root" account that has access to all files on the computer. It's the third authentication-related fumble found in High Sierra since its general release in September.
With the aim of protecting data privacy, the government of Singapore is considering taking steps to greatly reduce the use of the National Registration Identity Card numbers for verifying consumers' identities.
Nearly 50,000 personal records relating to Australian government employees as well as the employees of two banks and a utility were exposed to the internet due to a misconfigured Amazon storage server. The episode is the latest in a string of large breaches to hit Australia.
The United Kingdom might be greater than the sum of its parts. But when it came to the WannaCry outbreak, some parts of the United Kingdom did less great than others. Here's how the governments and health boards of Scotland, Northern Ireland and Wales are responding.
An analysis on finding a replacement for Social Security numbers as an identifier for individuals leads the latest edition of the ISMG Security Report. Also, assessing Kaspersky Lab's responsibility for the hack of an NSA contractor's computer.
Leading the latest edition of the ISMG Security Report: A deep dive into how continuously monitoring user behavior could replace passwords as a means of authentication. Also, U.S. federal agencies continue to fall short on IT security.
The key to simplifying the implementation of identity and access management, and streamlining integration with other systems, is to take advantage of industry standards, says Mark Perry of Ping Identity, an identity-defined security provider
It's the age of "open banking," and that means changes for banking institutions and their customers - as well as for the fraudsters. Shaked Vax of IBM Security Trusteer talks about new vulnerabilities and anti-fraud strategies.
Aetna will move from passwords to continuous behavioral authentication next year on its consumer mobile and web applications for better security and end-user experience, says Jim Routh, the health insurer's CISO.
In the move to a cashless economy in India and elsewhere, improving user authentication is critical, but users are demanding ease of use, says Singapore-based Tom Wills, director at Ontrack Advisory. He describes the roles that biometrics and artificial intelligence will play.
At a time when fraud is attempted across multiple channels and customers still demand a frictionless digital experience, Kevin Donovan of Biocatch makes the case for organizations to embrace the tenets of continuous authentication.
Enterprises should be working overtime to eradicate "EternalBlue" from their networks since two massive malware outbreaks - WannaCry and NotPetya - have targeted the Windows flaw. But vulnerability scans show there's still work to be done.
To encourage individuals to improve their security practices, begin by not blaming them. That was one takeaway from security experts at the Infosecurity Europe conference, who offered practical tips for changing user behavior and creating a culture of security.