News for today:
- [Palo Alto Networks] Idira for identity security. Palo Alto Networks introduced a new platform for discovering, controlling, and governing all identities – Idira is the next update for CyberArk customers. By eliminating standing privileges and extending dynamic privilege controls to all users, Idira democratizes privilege access to help ensure that all identities are secured, not just managed. The platform delivers these capabilities through AI-driven visibility, dynamic controls and governance. Palo Alto says that machine and AI identities outnumber humans 109 to 1. Available immediately. Palo Alto Networks
- [Sophos] Latest identity security research. New research from Sophos on identity security, with human error and poor non-human identity management the big issues. The survey found that 71% of organizations suffered at least one identity-related breach in the past year, and on average organizations reported three separate incidents. Repeat victimization reached a notable level, with 5% even reporting six or more breaches …. Human error (employees tricked into providing credentials) was cited in nearly 43% of incidents. Weak NHI management, including API keys stored in code, static credentials, and orphaned service accounts, was cited in 41%. Organizations with weak NHI management are 22% more likely to experience financial theft and pay approximately $150,000 more to recover than average. Sophos
- [Arctic Wolf] Launched Aurora Mobile Threat Defense. Arctic Wolf introduced a new endpoint defense offering for mobile devices; AI plays a significant role. By continuously analyzing device behavior, network connections, application activity, and phishing indicators in real time, Aurora Mobile Threat Defense helps organizations protect mobile devices and detects and respond to mobile threats faster with greater clarity. As mobile devices increasingly serve as primary access points to enterprise data, cloud applications, and identity systems, the solution helps minimize a growing blind spot, delivering strong security without compromising employee privacy. Arctic Wolf
- [Optery] Beware data broker sites. Optery’s new research on social engineering highlights the problem of targeted social engineering enabled by easy access to data broker and people-search sites. Nearly all respondents reported an increase in targeted social engineering over the past 12 months, and approximately three-quarters reported credential compromise resulting from these attacks. The findings point to a central enabler: attackers can easily obtain the personal and professional data needed to identify, profile, and target or impersonate employees. In response, security teams are increasingly focused on addressing the exposed employee data that fuels social engineering in the first place. Optery
- [Open Systems] New approach to threat intelligence. Open Systems partnered with Ticura, to offer its threat intelligence service to customers; the approach is better than manual curation of feeds by SOC teams. Ticura aggregates cyber threat intelligence from more than 1,000 open-source, commercial, and proprietary sources and curates it using artificial intelligence. The platform continuously optimizes intelligence feeds and adapts them to operational requirements …. The partnership addresses a core challenge of modern cybersecurity strategies: More data does not automatically lead to better security outcomes. What matters is how precisely threat data is filtered, prioritized, and operationalized. Open Systems
- [KnowBe4] The Inside Man – Season 7 premiere. KnowBe4 premiered the next season of The Inside Man. Old allies become new adversaries in the exciting new season of ‘The Inside Man’. As an old friend embarks on a quest for revenge, the Good Shepherd team is caught in the middle. Our heroes must decide who they can trust, as they race against time to stop the villain and his stolen AI before it is too late. KnowBe4