Identity Security | Breaking Cybersecurity News | The Hacker News

Many of the day-to-day digital operations of businesses, governments, and critical infrastructure have one thing in common: Microsoft. From the Microsoft Windows operating systems powering endpoints and servers, to Azure's rapidly growing cloud services, Microsoft's products are everywhere, making the company and its products attractive targets for threat actors seeking to exploit vulnerabilities at scale.  With more than 1.4 billion Windows users around the globe and the adoption of platforms like Microsoft 365, Active Directory, and Azure surging, a single exploitable vulnerability in a Microsoft product can open the door to privilege escalation, lateral movement, or ransomware deployments that impact tens of thousands of interconnected systems. Whether nation state or financially motivated, modern cyber-crime syndicates will consistently take the path of least resistance, and vulnerable assets are a reliable attack vector. For twelve years, the Microsoft Vulnerabilities Repor...

Cybercriminals don't just hack systems—they hack people. They've figured out that humans are wired to trust, empathize, and help, and they're using that against us in ingenious ways. Take this jaw-dropper: In 2024, a company lost over $25 million because an employee fell for a deepfake during a video call. Yep, a fake video of "trusted colleagues" tricked someone into handing over the keys to the kingdom—all kicked off by a phishing email. Ouch. If we want to stay one step ahead, we need to understand the psychology behind these attacks. Let's break it down—the human vulnerabilities, the identity and access management (IAM) fixes, and how to make tech work with (not against) our brains. Why Humans Are the Weakest Link Here's the deal: Humans evolved to trust and empathize. It's why we have friends, families, and functional societies. Mirror neurons in our brains make us feel what others feel, which is awesome for bonding… but terrible when a scammer shows up. Cybercrimi...

Cyberattacks are already the most significant operational and financial threat to almost every type of business. Surveys of CISOs consistently reveal phishing attacks, identity security, social engineering, and the resulting data breaches and ransomware attacks are the top concerns.  These fears are well founded. Each new day brings fresh headlines of another major breach or successful ransomware attack. The Cybersecurity and Infrastructure Security Agency (CISA), an agency of the DHS reports that 90% of ransomware attacks begin with phishing. Last quarter witnessed the first individual ransomware loss that exceeded a billion dollars of damages, and a leading news media reported nine new major breaches in a single week.  What is driving this epidemic and how much worse will it get?  The answers are both simple and complex. The simple answer is that this next generation of cyberattacks is being driven by the incredible power and innovation of generative AI, while the ...