Time has not been kind to IDS and has created wide security gaps. To combat the outdated nature of IDS, organizations should adopt next-generation IDS to fulfill the defense-in-depth promise unmet by legacy IDS. NG-IDS is effective against more types of attacks and fills glaring decryption and cloud compliance gaps while improving security.
Apple has unveiled the first eight states that will roll out digital IDs and drivers licenses on its mobile devices, despite critics' concerns that the introduction of purely digital forms of identification will raise privacy, security and equanimity issues. To assuage security fears that come with storing people's identity on its devices, Apple is asserting that state DLs and IDs stored in Wallet on iPhone and Apple Watch will "Take full advantage of the privacy and security" built into the devices, the company said.
Google Cloud this week announced new security offerings for its customers, including Autonomic Security Operations to improve security operations centers and Cloud Intrusion Detection System for network-based threat detection. Autonomic Security Operations, the Internet giant says, represents a "Stack of products, integrations, blueprints, technical content, and an accelerator program" meant to help customers leverage Chronicle and Google technology and expertise to advance their SOC. A collection of philosophies, practices, and tools, Autonomic Security Operations should help organizations improve their resilience against cyberattacks, with an automated approach to threat management.
Hong Kong's Office of the Government Chief Information Officer has revealed that the territory is investigating the use of its digital ID in mainland China. In a Q&A, Secretary for Innovation and Technology, Mr Alfred Sit, said "The OGCIO is exploring with relevant authorities in the Mainland and Macao the collaboration opportunities between their identity authentication systems and iAM Smart."
As part of this partnership, Liquid Web customers can employ the Threat Stack Oversight Intrusion Detection System as an additional layer of security to Liquid Web servers with an advanced Intrusion Detection System. Together, Threat Stack Oversight and Liquid Web will provide customers with real-time monitoring for user, process, network, and file behaviors in critical systems across Linux and Windows servers.
This cloud-based software offers a simple, secure, adaptable and efficient way to issue physical and digital IDs using a single, easy-to-use platform. As organizations become more decentralized, opening the door to new requirements to securely manage and remotely issue credentials, there is an increase in pressure to maintain a safe and secure flow of data - including the data stored on physical and digital credentials.
Finland's domestic security agency said Thursday that the cybergroup APT31, which is generally linked to the Chinese government, was likely behind a cyberspying attack on the information systems of the Nordic country's parliament. The Finnish Security and Intelligence Service, known by the abbreviation Supo, said it had "Identified a cyber espionage operation targeted in 2020 against parliament with the aim of intruding into parliament's IT systems."
Government imposter scams now come with a new twist that has the potential to make them even more effective, as the Inspector General for the Social Security Administration warns. According to reports received by the Office of the Inspector General, the scammers' tactics arsenal has been updated to include the use of fake IDs designed to look like those used by Federal employees.
A publicly exposed cloud storage bucket was found to contain images of hundreds of passports and identity documents belonging to journalists and volleyball players from around the world. Reverse-image searches for headshots revealed that these well-known European volleyball players were either directly associated with CEV or were part of a volleyball team or federation affiliated with the CEV. BleepingComputer also found some of CEV's assets in the bucket, such as branding images with CEV logos on them.
A vulnerability in the popular TikTok short-form video-sharing platform could have allowed attackers to easily compile users' phone numbers, unique user IDs and other data ripe for phishing attacks. In order to help users find friends through their contacts, TikTok contained a sync feature for contacts who had TikTok accounts.