What is identity governance and administration (IGA)?
Identity governance and administration (IGA) is the collection of processes and practices used to manage user digital identities and their access throughout the enterprise. IGA represents two areas: Identity governance addresses issues of organization, providing practitioners with network visibility, roles, attestation or proof, segregation of duties (SoD), reporting and analytics. Identity administration handles issues of […]
Read More
Infoblox: 800,000 domains vulnerable to hijacking attack
Infoblox warned that threat actors are increasingly exploiting misconfigured DNS name servers to hijack domains using a technique that’s difficult for victims to detect. The network security vendor published a new report Thursday titled “DNS Predators Attack: Vipers and Hawks Hijack Sitting Ducks.” The report expands on an attack vector dubbed “Sitting Ducks” that Infoblox […]
Read More
CISA, FBI confirm China breached telecommunication providers
CISA and the FBI confirmed that Chinese nation-state actors have compromised telecommunications provider networks to spy on government and political leaders in what the agencies called a “broad and significant cyber espionage campaign.” The government agencies published a joint statement on Wednesday, which said the U.S. has been investigating the People’s Republic of China targeting […]
Read More
8 ways enterprises can enhance object storage security
Data stored as objects can take many different forms and sizes, such as analytical data and video files, and volumes can run high — think petabytes. As a result, object storage security is essential to protect data from hackers, ransomware, and other cyberattacks and risks. The eight best practices for object storage security here include […]
Read More
CEO: GenAI changes multi-cloud security, network equation
Generative AI presents enterprises with higher cloud costs than traditional workloads, complicating multi-cloud security and networking, according to one industry CEO. Data gravity and the cost of GPU-based computing infrastructure that’s required for generative AI (GenAI) mean many enterprises are choosing to move AI apps to various locations, including back on-premises, according to Doug Merritt, […]
Read More
Most widely exploited vulnerabilities in 2023 were zero days
Attackers exploited significantly more zero-day vulnerabilities against victim organizations in 2023 compared to 2022, according to a new government advisory. CISA published a joint government advisory Tuesday that detailed the topmost exploited vulnerabilities of 2023. The advisory, co-authored by agencies in the U.K., Australia, Canada and New Zealand, warned of alarming trends that further underscored […]
Read MoreAn explanation of ethical hackers
In this video, TechTarget editor Jennifer English talks about ethical hackers, how they differ from typical hackers and how they can aid in protecting an organization’s data. Although the term hacker usually comes with a negative connotation, there are good hackers too. An ethical hacker is an infosec specialist who breaks into a computer system, […]
Read More
Microsoft halts 2 zero-days on November Patch Tuesday
For November Patch Tuesday, Microsoft admins must address two Windows zero-days quickly, but enterprises that use on-premises Exchange Server should prioritize patching that platform to resolve a spoofing vulnerability. This Patch Tuesday, Microsoft released fixes for 88 new vulnerabilities with four rated critical. Of the two zero-days, one was also publicly disclosed. In total, Microsoft […]
Read More
Anyone Can Buy Data Tracking US Soldiers and Spies to Nuclear Vaults and Brothels in Germany
Nearly every weekday morning, a device leaves a two-story home near Wiesbaden, Germany, and makes a 15-minute commute along a major autobahn. By around 7 am, it arrives at Lucius D. Clay Kaserne—the US Army’s European headquarters and a key hub for US intelligence operations. The device stops near a restaurant before heading to an […]
Read More
Immigration Police Can Already Sidestep US Sanctuary City Laws Using Data-Sharing Fusion Centers
On the campaign trail and in recent days, Donald Trump has detailed extensive plans for immigration crackdowns and mass deportations during his second term as United States president. These initiatives would, he has said, include aggressive operations in areas known as “sanctuary cities” that have laws specifically curtailing local law enforcement collaboration with US Immigration […]
Read More