Tag: identity
-
Smart Approaches to Non-Human Identity Detection
Are We Fully Leveraging the Power of NHI and Secrets Management? Many organizations are waking up to the potential of Non-Human Identity (NHI) management to reinforce their cybersecurity strategies. They are recognizing the potential of NHI a combination of machine-created identities and encryption secrets to offer next-gen protection. However, could they be doing… First seen…
-
Complexity and AI put identity protection to the test
Identity has become a core pillar of cybersecurity strategy. Remote work, cloud-first adoption, and distributed supply chains have moved identity from “a tactical IT … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/02/cisco-duo-identity-security-2025-report/
-
Understanding the Two Sides of Infostealer Risk: Employees and Users
Co-authored by Constella Intelligence and Kineviz Infostealer malware dominates today’s cyber threat landscape. Designed to extract credentials, cookies, session tokens, autofill data, and other forms of digital identity, infostealers operate silently, persistently, and at industrial scale. They are no longer just a precursor to other attacks”, infostealers are the breach. There are two critical vectors…
-
Microsoft Enforces MFA for Logging into Azure Portal
In a significant security move, Microsoft announced on August 26, 2025, that it will require mandatory multifactor authentication (MFA) for all accounts signing in to the Azure portal and related administrative centers. The policy, first introduced in 2024, aims to dramatically reduce account compromise by enforcing an additional layer of identity verification across Azure and…
-
How AI Agents Are Creating a New Class of Identity Risk
5 min readAI agents require broad API access across multiple domains simultaneously”, LLM providers, enterprise APIs, cloud services, and data stores”, creating identity management complexity that traditional workload security never anticipated. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/how-ai-agents-are-creating-a-new-class-of-identity-risk/
-
Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks
Tags: access, advisory, attack, authentication, china, cisa, cisco, credentials, cve, cyber, cybersecurity, data, espionage, exploit, firewall, fortinet, germany, government, identity, infrastructure, injection, ivanti, kev, malicious, microsoft, military, mitigation, mitre, network, remote-code-execution, risk, software, tactics, threat, update, vulnerability, zero-dayAn analysis of Tenable telemetry data shows that the vulnerabilities being exploited by Chinese state-sponsored actors remain unremediated on a considerable number of devices, posing major risk to the organizations that have yet to successfully address these flaws. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ)…
-
Is Your IAM Solution Truly Scalable?
Is Your Identity and Access Management Approach Up to the Task? Could you be unknowingly compromising your cybersecurity by overlooking the importance of Non-Human Identities (NHIs) and Secrets Security Management? These vital aspects of Identity and Access Management (IAM) are critical in managing access control. Cybersecurity professionals and CISOs need to pay attention to the……
-
Feds Seize $6.4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domain
Authorities from the Netherlands and the United States have announced the dismantling of an illicit marketplace called VerifTools that peddled fraudulent identity documents to cybercriminals across the world.To that end, two marketplace domains (verif[.]tools and veriftools[.]net) and one blog have been taken down, redirecting site visitors to a splash page stating the action was undertaken…
-
Your Map for the Cloud Security Maze: An Integrated Cloud Security Solution That’s Part of an Exposure Management Approach
Tags: access, ai, attack, automation, business, ciso, cloud, container, control, cyber, cybersecurity, data, exploit, guide, identity, infrastructure, intelligence, kubernetes, mitigation, risk, strategy, threat, tool, vulnerability, vulnerability-managementCheck out highlights from the IDC white paper “Bridging Cloud Security and Exposure Management for Unified Risk Reduction,” which explains how CNAPPs help security teams tame the complexity of multi-cloud environments by shifting from a reactive, alert-driven model to a proactive exposure management strategy. Organizations’ rapid expansion into the cloud has created a complex and…
-
FBI, Dutch cops seize fake ID marketplace that sold identity docs for $9
$6.4M VerifTools marketplace offline First seen on theregister.com Jump to article: www.theregister.com/2025/08/28/fbi_dutch_cops_seize_veriftools/
-
Police seize VerifTools fake ID marketplace servers, domains
The FBI and the Dutch Police have shut down the VerifTools marketplace for fraudulent identity documents after seizing servers in Amsterdam that hosted the online operation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-seize-veriftools-fake-id-marketplace-servers-domains/
-
What You Don’t Log Will Hurt You FireTail Blog
Aug 28, 2025 – Lina Romero – APIs have become the most targeted attack surface in enterprise environments, and AI (particularly agentic AI) is making it even harder to protect those critical connections. But one of the most often overlooked and misunderstood aspects of a strong AI and API security posture is logging.Last week, FireTail…
-
Why Traditional Zero-Trust Breaks Down with Agentic Identities
As AI agents become the new digital workforce, traditional zero-trust models fall short. Enterprises face an Access-Trust Gap that demands new runtime governance. Agentic Identity and Security Platforms (AISP) provide dynamic controls to secure autonomous agents, prevent over-permissioning, and ensure compliance in an agent-driven future. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/why-traditional-zero-trust-breaks-down-with-agentic-identities/
-
Encryption Vendor Virtru Settles Patent Case With Microsoft
Deal Ends Suit Alleging Microsoft’s Message Encryption Tool Violated Virtru Patents. After three years of litigation, Virtru and Microsoft have settled a patent infringement case involving the tech giant’s email encryption product. The suit claimed Microsoft’s technology infringed Virtru’s patented identity-driven encryption method for seamless, credential-free data access. First seen on govinfosecurity.com Jump to article:…
-
AI-Powered CIAM in Retail: The Next Frontier of Customer Identity
AI-powered CIAM is heralding a new era for customer identity and access management in the retail industry. By blending the strengths of machine learning with th First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/ai-powered-ciam-in-retail-the-next-frontier-of-customer-identity-2/
-
AI-Powered CIAM in Retail: The Next Frontier of Customer Identity
AI-powered CIAM is heralding a new era for customer identity and access management in the retail industry. By blending the strengths of machine learning with th First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/ai-powered-ciam-in-retail-the-next-frontier-of-customer-identity-2/
-
Who are you again? Infosec experiencing ‘Identity crisis’ amid rising login attacks
Vendor insists passkeys are the future, but getting workers on board is proving difficult First seen on theregister.com Jump to article: www.theregister.com/2025/08/27/ciscos_duo_identity_crisis/
-
Okta ‘Accelerating’ Privileged Access Growth Amid Shift To Agentic: COO
Okta beat analyst expectations for its latest quarter Tuesday even as the identity security vendor signaled that it aims to ramp up its expansion in privileged access management with the planned acquisition of Axiom Security. First seen on crn.com Jump to article: www.crn.com/news/security/2025/okta-accelerating-privileged-access-growth-amid-shift-to-agentic-coo
-
Okta makes AI identity play with Axiom acquisition
Okta says Axiom Security’s technology will reinforce its own offerings in privileged access management, especially when it comes to the growing number of non-human identities First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629921/Okta-makes-AI-identity-play-with-Axiom-acquisition
-
Google Introduces Enhanced Developer Verification for Play Store App Distribution
Google has announced that all Android apps installed on approved devices will soon need to be able to be traced back to a verified developer identity in an effort to combat the growing wave of financial fraud operations and mobile viruses. The policy, scheduled to roll out in select high-risk regions in 2025 before global…
-
Execs worry about unknown identity-security weaknesses
Credential theft attacks prove that companies need to do better, but business leaders cited many reasons for slow progress. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/identity-security-concerns-survey-duo/758572/
-
Google to Require Identity Verification for Android App Developers: Here’s the Rollout Timeline
Currently, developers who create “sideloaded” Android apps are exempt from Google’s verification requirements. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-android-sideloading-app-developer/
-
Ping Identity erweitert seine Plattform um Justtime Privileged Access
Ping Identity wird die neuen Funktionen für Privileged Access über”¯PingOne Privilege”¯bereitstellen. Grundlage dafür ist die Übernahme von Procyon, einem 2021 gegründeten Cloud-nativen Unternehmen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ping-identity-erweitert-seine-plattform-um-just-in-time-privileged-access/a41785/
-
The Enterprise Risk of OAuth Device Flow Vulnerabilities And How SSOJet Solves It
SSOJet delivers far more than “just SSO”: we give your team the visibility, control, and security intelligence needed to defeat device flow phishing and build a future-proof identity management framework. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/the-enterprise-risk-of-oauth-device-flow-vulnerabilities-and-how-ssojet-solves-it/
-
Shadow AI is surging, getting AI adoption right is your best defense
Why most organizations fail at phase one: Despite the clarity of this progression, many organizations struggle to begin. One of the most common reasons is poor platform selection. Either no tool is made available, or the wrong class of tool is introduced. Sometimes what is offered is too narrow, designed for one function or team.…
-
Google to Verify All Android Developers in 4 Countries to Block Malicious Apps
Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute their software outside the Play Store.”Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices,” the company said. “This creates crucial…
-
Workload Identity vs. Workload Access Management: Securing Cloud-Native Workloads in a Dynamic Environment
5 min readUnderstanding the distinction is essential for implementing Zero Trust. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/workload-identity-vs-workload-access-management-securing-cloud-native-workloads-in-a-dynamic-environment/