Digital Identity | Breaking Cybersecurity News | The Hacker News

Just a few short years ago, lateral movement was a tactic confined to top APT cybercrime organizations and nation-state operators. Today, however, it has become a commoditized tool, well within the skillset of any ransomware threat actor. This makes real-time detection and prevention of lateral movement a necessity to organizations of all sizes and across all industries. But the disturbing truth is that there is actually no tool in the current security stack that can provide this real-time protection, creating what is arguably the most critical security weakness in an organization's security architecture.  In this article, we'll walk through the most essentials questions around the challenge of lateral movement protection, understand why multifactor authentication (MFA) and service account protection are the gaps that make it possible, and learn how Silverfort's platform turns the tables on attackers and makes lateral movement protection finally within reach. Upcoming We

The stakes are high when it comes to cybersecurity. No longer are we dealing with unskilled hackers trying to break into corporate systems with brute force. Today, cybercriminals are using highly sophisticated methods like social engineering, spear phishing, and BEC to target users directly and log in with valid credentials. This is why the identity perimeter has become a critical battleground in the fight against cyberattacks. But, many businesses are still relying on outdated security strategies and tools, leaving their users and sensitive systems exposed. To help you tackle this pressing issue, we're inviting you to join our upcoming webinar with Dor Dali, Head of Research at Cyolo. Dor has extensive experience in the field and will be sharing his insights on how to secure your identity perimeter and overcome common challenges. Here's what you can expect from the webinar: A deep dive into what the identity perimeter is and why it should be a critical focus point of y

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

Investing in digital identity can improve security, increase clinical productivity, and boost healthcare's bottom line.  —  b y Gus Malezis, CEO of Imprivata Digitalization has created immeasurable opportunities for businesses over the past two decades. But the growth of hybrid work and expansion of Internet of Things (IoT) has outpaced traditional 'castle and moat' cybersecurity, introducing unprecedented vulnerabilities, especially in the healthcare industry. Although all organizations have important data to secure, healthcare holds some of the public's most sensitive personal health information (PHI) – not to mention insurance and financial data, as well.  We all expect this information to be secured and protected, especially with HIPAA laws in place. However, due to increasing IT fragmentation and the growing sophistication of cyberattacks, this is no longer guaranteed. In fact, the number of individuals affected by health data breaches in the U.S. since 2009 is

Cybersecurity agencies in Australia and the U.S. are  warning  of an actively exploited vulnerability impacting ForgeRock's OpenAM access management solution that could be leveraged to execute arbitrary code on an affected system remotely. "The [Australian Cyber Security Centre] has observed actors exploiting this vulnerability to compromise multiple hosts and deploy additional malware and tools," the organization  said  in an alert. ACSC didn't disclose the nature of the attacks, how widespread they are, or the identities of the threat actors exploiting them. Tracked as  CVE-2021-35464 , the issue concerns a pre-authentication remote code execution (RCE) vulnerability in ForgeRock Access Manager identity and access management tool, and stems from an  unsafe Java deserialization  in the Jato framework used by the software. "An attacker exploiting the vulnerability will execute commands in the context of the current user, not as the root user (unless ForgeRo