Governance, Risk and ComplianceOktane 2024: Okta pitches WIC to fill SaaS security holesShaun NicholsOctober 16, 2024Okta is pitching new features to address what it sees as critical security holes in the way SaaS and cloud vendors interact.
IdentityOktane 2024: Okta, OpenID Foundation and tech firms team up for new IPSIE standardShaun NicholsOctober 16, 2024Okta has announced a working group that will aim to standardize identity management and authentication.
Vulnerability ManagementSolarWinds Web Help Desk flaw added to CISA vulnerabilities catalogSteve ZurierOctober 16, 2024Federal agencies ordered to patch exploited flaw by Nov. 5. Security pros say corporate enterprises should follow suit.
Network SecurityMore safety, trust and friction needed to overcome 2024’s challengesDan RaywoodOctober 16, 2024Lessons learned from CrowdStrike, Snowflake incidents, and Microsoft report.
Vulnerability ManagementJetpack patches critical bug that exposed data on 27M WordPress sitesSteve ZurierOctober 15, 2024Flaw in WordPress Jetpack plug-in could potentially expose sensitive personal information such as phone numbers and email addresses.
Governance, Risk and ComplianceMarriott faces $52 million FTC fine and reprimand over data breachesDan RaywoodOctober 15, 2024Hotel giant instructed to develop comprehensive information security program and certify compliance as part of reprimand.
Governance, Risk and CompliancePentagon shares new cybersecurity rules for government contractorsShaun NicholsOctober 14, 2024The DOD introduced new cybersecurity requirements for companies that contract with the federal government.
Vulnerability ManagementVulnerable instances of Log4j still being used nearly 3 years laterDan RaywoodOctober 14, 2024Critical vulnerabilities take over 500 days to be fixed.
Network SecurityCommand-jacking used to launch malicious code on open-source platformsSteve ZurierOctober 14, 2024Attackers hijack legitimate commands and run malicious code to launch supply chain attacks.
IdentityExperts say MFA is no longer enough for enterprisesShaun NicholsOctober 11, 2024The UK’s cyber watchdog says that companies need to be more mindful with how they handle their multi-factor authentication.