Protecting remote and hybrid work requires securing both identity and devices, regardless of where employees work.

The main difference between passwordless authentication and Multi-Factor Authentication (MFA) is that passwordless authentication completely removes the use of passwords, whereas MFA is used in conjunction with passwords. There are also differences in a user’s login experience when using passwordless authentication versus MFA, deploying each of them and their cost. Continue reading to learn more about the differences between passwordless authentication and MFA.

The internet cookie has been around since the late 1990s and, in its original state, we remember it relatively fondly. Its core aim was to identify users and their website preferences, helping keep track of everything from shopping baskets to user dashboards.

Today, almost every organization is engaged with a third-party vendor at some level when offering products or services. Take, for instance, an e-commerce business that may not be able to function properly unless multiple third-party integrations are involved, such as CRMs, payment gateways, live chat APIs, or a shipping gateway, to name a few.

On February 13, 2024, Microsoft published their February 2024 security update with patches for 73 vulnerabilities. Among these vulnerabilities, Arctic Wolf has highlighted 5 vulnerabilities in this bulletin that were categorized as critical or zero-day vulnerabilities. Two of these vulnerabilities have been reported to be exploited in the wild.

Over the years, PayPal has earned a reputation for being a secure and easy way to send and receive money. However, no payment system is entirely immune to scams, and cybercriminals often exploit these platforms due to their widespread popularity and trust among users. PayPal is the most widely used online payment system in the US, making it a compelling target for scammers looking to capitalize on its extensive user base.

On February 19, 2024, ConnectWise published a security bulletin detailing two critical vulnerabilities within their on-premises ScreenConnect software. At the time of writing, these vulnerabilities do not have CVE numbers assigned to them. ConnectWise has stated that the vulnerabilities have the potential to result in remote code execution (RCE). Vulnerability #1 (CVSS: 10): Allows a threat actor to achieve authentication bypass by leveraging an alternate path/channel.

Analyzing the content and security implications of browser extensions is a complex task! It's almost like trying to piece together a complex jigsaw puzzle (thanks JavaScript). Automation is a key way to reduce this complexity without adding to the workload of security staff. With so many extensions to inspect (we analyzed more than 140,000 of them), automating small portions of that analysis provided a big impact.

A recent Total Economic Impact™ study from Forrester Consulting revealed that Tanium can help organizations improve their endpoint management, security, and more while delivering significant value and savings.