#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

Identity Platform | Breaking Cybersecurity News | The Hacker News

THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter

THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter

Mar 18, 2023 Zero Trust / Access Control
Think of the typical portrayal of a cyberattack. Bad guy pounding furiously on a keyboard, his eyes peeking out from under a dark hoodie. At long last, his efforts pay off and he hits the right combination of keys. "I'm in!" he shouts in triumph. Clearly, there are many problems with this scenario – and it's not just the hoodie. What's even more inaccurate is that most cyber attackers today do not rely on unsophisticated methods like brute force. Instead, they target users directly through social engineering, spearphishing and business email compromise (BEC). In light of this, it can be said that cybercriminals no longer break into corporate systems; instead, they log in with valid user credentials. In this landscape of highly targeted cyberattacks, the identity perimeter has emerged as a crucial battlefield. Unfortunately, too many businesses continue to rely on outdated security strategies and tools that leave their users and sensitive systems unprotected. S
Why Identity & Access Management Governance is a Core Part of Your SaaS Security

Why Identity & Access Management Governance is a Core Part of Your SaaS Security

Nov 03, 2022
Every SaaS app user and login is a potential threat; whether it's bad actors or potential disgruntled former associates,  identity management and   access control  is crucial to prevent unwanted or mistaken entrances to the organization's data and systems.  Since enterprises have thousands to tens of thousands of users, and hundreds to thousands of different apps, ensuring each entrance point and user role is secure is no easy feat. Security teams need to monitor all identities to ensure that user activity meets their organization's security guidelines.  Identity and Access Management (IAM) solutions administer user identities and control access to enterprise resources and applications. As identities became the new perimeter, making sure this area is governed by the security team is vital. Gartner has recently named a new security discipline called Identity Threat Detection and Response (ITDR) that incorporates detection mechanisms that investigate suspicious posture ch
cyber security

external linkeBook: 3 Steps to Implement Zero Trust Access

websitewww.cyolo.ioZero Trust Security
Streamline your zero-trust access journey with three simple steps for high-risk, remote, and hybrid users.
Authentication Bypass Vulnerability Found in Auth0 Identity Platform

Authentication Bypass Vulnerability Found in Auth0 Identity Platform

Apr 07, 2018
A critical authentication bypass vulnerability has been discovered in one of the biggest identity-as-a-service platform Auth0 that could have allowed a malicious attacker to access any portal or application, which are using Auth0 service for authentication. Auth0 offers token-based authentication solutions for a number of platforms including the ability to integrate social media authentication into an application. With over 2000 enterprise customers and managing 42 million logins every day and billions of login per month, Auth0 is one of the biggest identity platforms. While pentesting an application back in September 2017, researchers from security firm Cinta Infinita discovered a flaw ( CVE-2018-6873 ) in Auth0's Legacy Lock API , which resides due to improper validation of the JSON Web Tokens (JWT) audience parameter. Researchers successfully exploited this issue to bypass login authentication using a simple cross-site request forgery (CSRF/XSRF) attack against the
Cybersecurity Resources