Modern Identity and Acccess Management - Building Trust Without Sacrificing Security! 

Leading organizations understand that breaches have become the norm in today’s connected world. With information being everywhere and personalized experience driving the digital transformation, identity is critical. Identity is the foundation for trust. At CA Technologies, we understand how important it is to strike the right balance between enterprise data security and convenient user access. Our solutions address the requirements for IAM in the modern era.

The Facebook homepage for marketing company Exactis.

Marketing Firm Exposes 340 Million Records on US Consumers

Jeremy Kirk • June 28, 2018

A computer security researcher has discovered a vast marketing database containing 340 million records on U.S. consumers. The database is the latest in a long line of databases to have been left exposed to the internet without authentication, thus putting people's personal data at risk.

Digital Identity

Malaysia's Central Bank Blocks Attempted SWIFT Fraud

Latest

US Power Company Fined $2.7 Million Over Data Exposure

Mathew J. Schwartz • March 14, 2018

A U.S. power company, unnamed by regulators, has been fined a record $2.7 million for violating energy sector cybersecurity regulations after sensitive data - including cryptographic information for usernames and passwords - was exposed online for 70 days.

Cybercrime

Winter Olympics Gold Medal for False Flag Goes to ... ?

Mathew J. Schwartz • March 12, 2018

Whoever unleashed malware built to disrupt last month's Winter Olympics in Pyeongchang, South Korea, designed it to look like it had been executed by a group of hackers tied to North Korea. But researchers at the security firm Kaspersky Lab say any such attribution would be false.

CA • December 31, 1969

Cybercrime

Putin Offers Extradition Promise to US: 'Never'

Mathew J. Schwartz • March 7, 2018

Russian President Vladimir Putin has issued an unequivocal promise about the extradition potential for 13 Russian nationals accused of working for a Kremlin-backed troll factory: "Never." It's unclear how the U.S. might best battle Russia's influence operations.

Ukraine Sentences Two Citizens for DDoS Extortion Campaigns

Mathew J. Schwartz • March 6, 2018

In a groundbreaking prosecution, two individuals in Ukraine have been sentenced for running extortion campaigns that disrupted international victims' websites with massive DDoS attacks unless they paid bitcoin ransoms of up to $10,000.

166 Applebee's Restaurants Hit With Payment Card Malware

Mathew J. Schwartz • March 6, 2018

Anyone who dined out at one of 166 Applebee's restaurants in 15 states may have had their payment card details compromised by point-of-sale malware infections that began in November 2017, RMH Franchise Holdings warns.

Data Cache May Contain 2,800 Partly Undiscovered Breaches

Jeremy Kirk • February 27, 2018

An analysis of a massive 8.8 GB trove of files containing usernames and plaintext passwords suggests hundreds of services may have experienced unreported or undiscovered data breaches. Data breach expert Troy Hunt says the trove of 80 million records appears to contain fresh data.

10 Cybersecurity Trends: What to Expect in 2018

Mathew J. Schwartz • January 2, 2018

Information security truisms: 2017 was the year of more cybersecurity - more attacks, more spending, more defenses, more breaches - and 2018 will see more of everything "cyber," plus GDPR enforcement, proxy wars online and more.

Threat Info Sharing Key Part of Election Security Bill

Eric Chabrow • November 1, 2017

Under bipartisan legislation introduced in the Senate, federal authorities would share classified cyber threat information with state election officials. The bill also would provide grants to states to support election security efforts.

Payments Fraud

Hilton Reaches $700,000 Settlement Over Two Data Breaches

Mathew J. Schwartz • November 1, 2017

Global hotel chain Hilton has reached a $700,000 settlement agreement with New York and Vermont over two separate data breaches discovered in 2015 that exposed more than 360,000 payment card numbers.

IoT Security Fail: Hacked Vacuum Cleaner Becomes Spy Cam

Jeremy Kirk • October 30, 2017

Security probes into IoT vulnerabilities too often swerve into creepy territory. Take security researchers at Check Point who discovered they could seize control of an internet-connected LG vacuum cleaner's camera, allowing them to turn a roving robotic cleaner into a spy cam.

DHS Imposes Email Security Measures on Federal Agencies

Eric Chabrow • October 17, 2017

A new directive from the U.S. Department of Homeland Security elevates federal agencies' email security to the DMARC standard that's widely adopted by commercial email providers, including Google, Yahoo and Microsoft.