Security News

Modern-day attack surface management can be an intimidating task for most organizations, with assets constantly changing due to new deployments, assets being decommissioned, and ongoing migrations to cloud providers. For these reasons, attack surface management tooling must be extremely scalable and fast, balancing acceptable levels of accuracy loss to lower the overall time to find assets and detect ephemeral risks.

One of the core benefits of the cloud is the ability to move fast and innovate rapidly, which means teams may just throw in the towel and grant admin privileges to their entire cloud identities instead of tackling the massive deluge of individual requests for access. Cloud identity management is a real challenge, but organizations are capable of preventing identity risk exposure and identity threats, especially if they avoid the four common pitfalls.

Bank-fintech partnerships continue to rise as financial institutions look to streamline operations, improve customer experiences, drive profitability, and manage risk and compliance efforts. The guidance promotes standardization for assessing third-party risk and describes sound risk management principles when developing and implementing third-party risk management practices.

IT asset management software comparison Asset Panda: Best for allowing unlimited users. Through UpKeep's Asset Operations Management Platform, teams can monitor asset maintenance, manage assets throughout their life cycles and improve asset performance.

Trucking and fleet management solutions provider ORBCOMM has confirmed that a ransomware attack is behind recent service outages preventing trucking companies from managing their fleets.Customers have told BleepingComputer that ORBCOMM has not shared what was causing the outage and only recently said that they hope to restore services by September 29th. After contacting the company, ORBCOMM confirmed they suffered a ransomware attack on September 6th that impacted the company's FleetManager solution and Blue Tree product line.

Without appropriate access management controls, businesses are at significant risk from the loss or theft of both physical and digital assets. Access management controls establish who is allowed the appropriate level of access in order to do their jobs, while reducing the potential for damage or harm to the company.

Nine security flaws have been disclosed in electric power management products made by Schweitzer Engineering Laboratories. "The most severe of those nine vulnerabilities would allow a threat actor to facilitate remote code execution on an engineering workstation," Nozomi Networks said in a report published last week.

The SEC adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. The Commission also adopted rules requiring foreign private issuers to make comparable disclosures.

As device diversification continues and more Apple devices enter corporate environments, IT leaders face added management complexity. This new device management standard is built around the concept of shifting device management from centralized servers onto the devices themselves.

Data Security Posture Management is an approach to securing cloud data by ensuring that sensitive data always has the correct security posture - regardless of where it's been duplicated or moved...