18 Sep 2019

33% of executives don’t trust their organization to protect employee data

One in three US executives are not confident that their company can keep the private information of staff members out of the hands of cybercriminals, a new Dell survey covering 42 countries reveals. The global average is 29%, with executives in South Korea (51%) and Singapore (42%) reporting the highest

Read More
17 Sep 2019

LastPass Patches Bug Leaking Last-Used Credentials

The Chrome and Opera browser extensions for the freemium password manager LastPass contained a vulnerability that could be exploited to make the application leak login credentials, a security researcher with Google recently discovered. In order to exploit the bug, threat actors needed to get victims to visit a malicious website

Read More
16 Aug 2019

Google Estimates 1.5% of Web Logins Exposed in Data Breaches

A new Google report based on data recorded by the Password Checkup browser extension for Chrome shows that 1.5% of web logins involved credentials that have been exposed in a data breach. The extension anonymously checks hashes against a massive database of credentials that have been compromised in a breach.

Read More
19 Jul 2019

Why 72% of people still recycle passwords

A new Security.org report underscores how poor the password practices of many people still are. The survey found that the vast majority (72%) of users reuse passwords. On average, recycled passwords are used for 4 different accounts. Password recycling is a terrible practice because it puts users at risk of

Read More
19 Jul 2019

Slack Resets Account Passwords Compromised During 2015 Hack

Slack has reset the passwords of 1% of its user accounts because these may have been compromised in a 2015 security breach. The company stated that this incident involved a third party obtaining unauthorized access to a Slack database containing “user profile information including usernames and irreversibly encrypted, or ‘hashed,’

Read More
28 Jun 2019

Over reliance on public cloud vendor security puts data and companies at risk of breach

In line with previous research, a new CyberArk study found that many organizations overstate the security benefits of moving assets to the cloud. The survey found that 36% of firms believe the top benefit of cloud adoption is offloading security risk. The main security concerns companies have when it comes

Read More
24 Jun 2019

TripAdvisor Invalidates Member Passwords Found in Data Breaches

TripAdvisor is taking a proactive approach to prevent its users from falling victim to credential stuffing attacks by invalidating member passwords if the password and corresponding email address were found in publicly leaked data breach databases. Credential stuffing attacks, in which a threat actor uses leaked or stolen login credentials

Read More
19 Jun 2019

Insecure password memory aids: A passwordless future could be the solution

A new survey by Okta shows that many employees are open to passwordless authentication. For example, 70% of employees think that the adoption of biometrics would benefit their organization. According to Dr. Maria Bada of Cambridge University, the research indicates that many employees dislike passwords because they “can experience negative emotions

Read More
06 Jun 2019

How privileged insiders threaten the security of global organizations

Almost two out of three IT organizations suspect that they suffered a direct or indirect breach in the past year due to abused or misused employee access (64%) or because a third party vendor got hacked (62%), new research by BeyondTrust shows. The report also highlights the prevalence of poor

Read More
30 May 2019

Security overconfidence and immaturity continue to endanger organizations

New research by Centrify and Techvangelism paints a bleak picture of the state of Privileged Access Management (PAM) in organizations. While nearly 74% of breaches involve privileged access abuse, almost eight in ten (79%) firms do not have a mature PAM strategy to protect privileged accounts. Despite this, a whopping

Read More