Phishing no more? Google requires physical security keys for employees

Security Digest Information security news and advice from TechTarget's network| July 25, 2018 FEATURED STORY Physical security keys eliminate phishing at Google by Michael Heller, Senior Reporter Successful phishing attempts have been eliminated among Google employees following a requirement to use physical security keys in order to gain access to all Google accounts. (SearchSecurity.com) Advertisement NEWS   As AI identity management takes shape, are enterprises ready? Experts at the Identiverse 2018 conference discussed how artificial intelligence and machine learning are poised to reshape the identity and access management market. (SearchSecurity.com)   Cisco's chief privacy officer on the future of data after GDPR Michelle Dennedy, vice president and chief privacy officer at Cisco, discusses her company's approach to meeting the requirements of the EU's General Data Protection Regulation. (SearchSecurity.com)   Critical Cisco vulnerabilities patched in Policy Suite News roundup: Critical Cisco vulnerabilities in Policy Suite products were patched this week. Plus, Venmo's API is set to public, exposing a trove of customer data, and more. (SearchSecurity.com)   Vendor admits election systems included remote software A vendor admitted to compromising its election system security by installing remote access software on systems over the span of six years, but claims to have stopped the practice. (SearchSecurity.com)   Cloud misconfigurations can be caused by too many admins Cloud misconfigurations have reached a point where sensitive data can't be protected with manual control, says BetterCloud's David Politis. And part of the issue is too many admins. (SearchSecurity.com)   Risk & Repeat: Closing the gender gap at cybersecurity conferences In this week's Risk & Repeat podcast, SearchSecurity editors discuss the under-representation of women at cybersecurity conferences and how it affects the infosec industry. (SearchSecurity.com) EXPERT ADVICE   How can a ransomware incident response plan be updated? With an increase in ransomware attacks involving cities, the need to update incident response plans has become clear. Learn what organizations should do if infected with ransomware. (SearchSecurity.com)   Domain fronting: Why cloud providers are concerned about it Domain fronting is a popular way to bypass censorship controls, but cloud providers like AWS and Google have outlawed its use. Expert Michael Cobb explains why. (SearchSecurity.com)   The risks of container image repositories compared to GitHub As container use rises, so does the use of container image repositories. Expert Dave Shackleford discusses the risks associated with them and how they compare to other registries. (SearchCloudSecurity.com)   How did a Navarino Infinity flaw expose unauthenticated scripts? Navarino Infinity, a satellite communication system, found and fixed a flaw that exposed an unauthenticated script. Discover what threats this flaw enabled with Judith Myerson. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.