My TechDecisions

Search Results: mfa

Security Awareness Training

Security Awareness Training Needs to Change. Here’s Why.

Phishing is still wildly successful and a tried-and-true way into any organization's network, and security awareness training needs to evolve.

March 21, 2023 Zachary Comeau Leave a Comment

Despite repeated urges from IT professionals to be wary of clicking on links in emails and opening attachments from strange messages, phishing is still wildly successful as attackers adopt new tricks and techniques that should force organizations to improve and update their cybersecurity awareness strategies. In fact, email-based phishing attacks remain a thorn in the […]

Read More
Zero Trust, ZTNA, Netskope

Beyond Identity, Cybersecurity Companies Launch Zero Trust Authentication Push

Beyond Identity and other leading security firms are backing the creation of Zero Trust Authentication, a new subcategory of zero trust.

March 17, 2023 Zachary Comeau Leave a Comment

Passwordless authentication software provider Beyond Identity is launching Zero Trust Authentication, a new subcategory of zero trust technology designed to help organizations move towards secure authentication that advances the zero trust security movement. According to Beyond Identity, several industry-leading security companies are backing the creation of Zero Trust Authentication, including Palo Alto Networks, CrowdStrike, Optiv, […]

Read More
Phishing, Email security

Phishing Remains a Favorite Hacking Tool as New Methods Emerge

New methods such as phone-oriented attack delivery and MFA bypass are making phishing attacks more sophisticated, according to Proofpoint.

March 3, 2023 Zachary Comeau Leave a Comment

Phishing, social engineering, and ransomware remain favorite attack methods of cybercriminals, but threat actors are beginning to shift to newer techniques, such as phone-oriented attack delivery and adversary-in-the-middle phishing proxies designed to bypass multifactor authentication, according to cybersecurity firm Proofpoint. The Sunnyvale, Calif.-based company’s’ State of the Phish report finds that email-based phishing attacks remain […]

Read More
CISA Software Security

What CISA Learned After Conducting a Red Team Assessment of a Large Critical Infrastructure Organization

CISA obtained persistent access to the organization's network, but security controls like MFA helped thwart further activity.

March 1, 2023 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory that describes a CISA red team assessment of a large critical infrastructure organization with a mature cyber posture, with the goal of sharing its key findings to help IT and security professionals improve monitoring and hardening of networks. According to the advisory, […]

Read More
LastPass Breach, Hack

LastPass Hack: Attacker Accessed DevOps Engineer’s Home Computer to Steal Decrpytion Keys

LastPass reveals new information on its ongoing investigation into a security incident, including how a developer's home computer was hacked.

February 28, 2023 Zachary Comeau Leave a Comment

[Editor’s note: This article has been updated to reflect the company’s official statement on the new updates.] The same threat actor that accessed portions of the LastPass development environment and source code that has forced the company since August 2022 to provide updates as new information is revealed, apparently accessed a shared cloud-storage environment obtained […]

Read More

These 3 Departments Pose the Highest Risk of Being Hacked

Experts from NordLocker reveal which departments are most at risk of being hacked and why and provide tips on safeguarding your business from a cyberattack.

February 18, 2023 TD Staff Leave a Comment

Cybersecurity experts from NordLocker, part of Nord Security, reveal that employees from certain departments are much more lucrative targets for cybercriminals than others. With human error being the reason behind a whopping 82% of data breaches, employees are the weakest link when it comes to organizational cybersecurity. “From receptionists to the C-Suite, every employee should […]

Read More
Yubico, Security Keys

Yubico Launches New Security Keys, Updated Enterprise Subscription Program

Yubico is expanding its lineup of security keys with two new enterprise keys and is introducing an improved enterprise subscription program.

January 27, 2023 Zachary Comeau Leave a Comment

Security key maker Yubico is expanding its lineup of security keys with two new enterprise keys and is introducing an improved enterprise subscription program. The Santa Clara, Calif.-based company hopes the new updates will help organizations equip employees with hardware-based authentication and services to help combat the increasingly sophisticated phishing attacks and credential theft. The […]

Read More
Beyond Identity

Beyond Identity Receives FIDO2 Certification

Beyond Identity says it has received FIDO2 certification and can help companies adopt standards-based passwordless authentication.

January 13, 2023 Zachary Comeau Leave a Comment

Passwordless technology and phishing-resistant multifactor authentication provider Beyond Identity says it has received FIDO2 certification and can help companies adopt standards-based passwordless authentication. FIDO2, developed by the FIDO Alliance, is a more secure standard that enables users to leverage common devices to easily authenticate online services in both mobile and desktop environments. The FIDO Alliance […]

Read More
Microsoft Security RSA Conference

These are Microsoft’s 5 Identity Priorities in 2023

Microsoft outlines its five identity security priorities for the new year, with Entra tools as the key solution.

January 10, 2023 Zachary Comeau Leave a Comment

With cybercriminals hellbent on stealing passwords and compromising credentials, identity has become the new cybersecurity battleground, with Microsoft reporting more than 111 million password attacks a day. The Redmond, Wash. tech giant’s analysis of identity attacks doesn’t stop there, as the company says password breach replay attacks grew to 5.8 billion per month in 2022, […]

Read More
Royal Ransomware

Phishing, Ransomware Continue to Dominate as Cyberattacks Surge in 2022

Acronis' year-end report finds that ransomware, phishing and unpatched bugs remain top threats as cybercriminals adapt.

December 28, 2022 Zachary Comeau Leave a Comment

Phishing, MFA fatigue attacks are on the rise, and the cost of a data breach is now expected to reach $5 million, according to a year-end cyberthreat report from cybersecurity firm Acronis. The Switzerland-based firm’s report from its Cyber Protection Operation Center provides an in-depth analysis of the cyberthreat landscape including ransomware, phishing, malicious websites, […]

Read More