Identity & Access Management

Microsoft: Attackers are increasingly using token theft in cyberattacks to bypass MFA

The Microsoft Detection and Response Team (DART) has spotted an increase in attackers using token theft in the cloud to compromise corporate systems while bypassing multi-factor authentication (MFA) and other authentication controls.

Microsoft: Attackers are increasingly using token theft in cyberattacks to bypass MFA Read More »

FIPS 201-3: Personal Identity Verification (PIV) of Federal Employees and Contractors

The U.S. Secretary of Commerce has approved the publication of FIPS 201-3, the National Institute of Standards and Technology (NIST) latest revision of “Personal Identity Verification (PIV) of Federal Employees and Contractors.”

FIPS 201-3: Personal Identity Verification (PIV) of Federal Employees and Contractors Read More »

Critical ForgeRock Access Management vulnerability (CVE-2021-35464) exploited

A Critical ForgeRock Access Management (AM) vulnerability (CVE-2021-35464) has been exploited in the wild. The issue affects ForgeRock’s OpenAM, open-source AM solution.

Critical ForgeRock Access Management vulnerability (CVE-2021-35464) exploited Read More »

Hacker remotely accesses Florida water treatment plant, bumps chemical level to “dangerous levels”

A hacker remotely accessed a Florida city water treatment plant and attempted to increase the chemical level to “dangerous levels” before the cyberattack was thwarted.

Hacker remotely accesses Florida water treatment plant, bumps chemical level to “dangerous levels” Read More »