You may already be using Active Roles to manage privileged access, identity and Active Directory (AD) from a single pane of glass. But now, you can get more. Active Roles release 8.2 is poised to offer multiple new features that support customers who are migrating to the cloud and applying web-based resources during the continuing market evolution. It also introduces enhancements to management within Entra ID.

Increased ransomware attacks on industrial control systems (ICS), mixed with general ICS insecurity found across the manufacturing sector, has given rise to a guide specifically addressing this risk. Manufacturing has been a target of ransomware for quite some time — I’ve even covered a recent attack focused on credential harvesting.

Businesses increasingly use cloud services like Google Workspace, Amazon Web Services (AWS), Hubspot, and Dropbox to improve work productivity and drive innovation. However, this accelerated shift to cloud platforms has exposed businesses to new security challenges, such as unauthorized data breaches and compliance violations. A Cloud Access Security Broker (CASB) is a powerful tool against these issues, delivering unmatched visibility and control over data to protect enterprises against these threats.

In the critical and constantly evolving identity security space, organizations are focused on three essential needs: While identity security disciplines like identity security posture management (ISPM), identity threat detection and response (ITDR) and privileged access management (PAM) address various aspects of these needs, none offer a complete solution.

On September 17, 2024, Broadcom released fixes for a critical vulnerability impacting VMware vCenter Server and Cloud foundation, tracked as CVE-2024-38812. This vulnerability is a heap-overflow flaw in the implementation of the DCERPC protocol that a remote attacker can use to send specially crafted network packets to vCenter Server, potentially leading to Remote Code Execution (RCE).

Researchers at ReversingLabs warn that North Korea’s Lazarus Group is targeting software developers with phony job interviews. The threat actors are posing as employees of major financial services firms and send coding assessment tests as part of the interview process. Our team recently recorded a webinar that covers this exact topic, as our cybersecurity experts discuss how we spotted the red flags and stopped it before any damage was done.

Are your legacy technologies slowing down your security operations? You’re not alone. Seventy percent of critical incidents take over 12 hours to resolve. Legacy SIEMs burden security teams with endless manual processes and agonizingly slow search speeds, delaying investigation and response while increasing the risk of a breach. The future of security requires next-gen SIEM technology built for scale and speed, powered by automation and AI.

Pulumi customers can secure and simplify their secrets management workflows with a new integration built for 1Password.

In a time when everything said, whether factual, fake, or AI-created, may be recorded and posted on the internet, it’s more important than ever to ensure that what was recorded accurately represents a point in time. When someone claims you said, “I was Smoking on a flight, watching Star Wars, the best special effects movie of all time,” was that a false claim? Did they include the date and the context?