How much does cloud-based identity expand your attack surface?

We all know using a cloud-based identity provider (IdP) expands your attack surface, but just how big does that attack surface get? And can we even know for sure? As Michael Jordan once said, “Get the fundamentals down, and the level of everything you … Continue reading How much does cloud-based identity expand your attack surface?

Cybercriminals use cheap and simple infostealers to exfiltrate data

The rise in identity-based attacks can be attributed to a rapid increase in malware, according to SpyCloud. Researchers found that 61% of data breaches in 2023, involving over 343 million stolen credentials, were infostealer malware-related. Of these c… Continue reading Cybercriminals use cheap and simple infostealers to exfiltrate data

Key MITRE ATT&CK techniques used by cyber attackers

While the threat landscape continues to shift and evolve, attackers’ motivations do not, according to a Red Canary report. The classic tools and techniques adversaries deploy remain consistent–with some notable exceptions. The report tracked MITRE ATT&… Continue reading Key MITRE ATT&CK techniques used by cyber attackers

Major shifts in identity, ransomware, and critical infrastructure threat trends

In this Help Net Security video, Michelle Alvarez, Strategic Threat Analysis Manager at IBM X-Force, discusses the 2024 X-Force Threat Intelligence Index, revealing top threats and trends the team observed last year across its global engagements and ho… Continue reading Major shifts in identity, ransomware, and critical infrastructure threat trends

Avast ordered to pay $16.5 million for misuse of user data

The Federal Trade Commission will require software provider Avast to pay $16.5 million and prohibit the company from selling or licensing any web browsing data for advertising purposes to settle charges that the company and its subsidiaries sold such i… Continue reading Avast ordered to pay $16.5 million for misuse of user data

The old, not the new: Basic security issues still biggest threat to enterprises

In 2023, cybercriminals saw more opportunities to “log in” versus hack into corporate networks through valid accounts – making this tactic a preferred weapon for threat actors, according to IBM’s 2024 X-Force Threat Intelligence Index… Continue reading The old, not the new: Basic security issues still biggest threat to enterprises

A closer look at Israeli cybersecurity funding and M&A activity in 2023

Last year was challenging for the global market, and the market downturn greatly affected even the historically resilient cybersecurity ecosystem. In this Help Net Security video, Merav Ben Avi, Content Manager at YL Ventures, talks about how the Israe… Continue reading A closer look at Israeli cybersecurity funding and M&A activity in 2023

How decentralized identity is shaping the future of data protection

In this Help Net Security interview, Patrick Harding, Chief Architect at Ping Identity, discusses the promises and implications of decentralized identity (DCI) in cybersecurity. By redistributing identity management responsibilities among issuers, hold… Continue reading How decentralized identity is shaping the future of data protection

Why identity fraud costs organizations millions

92% of respondents to a recent report shared that their organization had been a victim of identity fraud, costing an average of $4.3 million over the last 12 months. Even so, only 40% stated identity verification as a top identity challenge, noting tha… Continue reading Why identity fraud costs organizations millions