Identity & Governance Archives - Page 5 of 9

May 13, 2026May 13, 2026 AI Infrastructure Risk Identity & Governance Incidents & Breaches Security Operations

KISA Issues Urgent Warning on Smishing Exploiting Breached Travel Platform Data

South Korea's internet security agency, KISA, has issued an urgent advisory regarding highly targeted smishing attacks. Cybercriminals are using stolen data from hacked travel platforms, such as accommodation reservation details, to impersonate hotel staff. These attacks aim to deceive travelers into entering credit card information on fraudulent sites to avoid supposed booking cancellations, posing significant secondary financial risk. Read more

May 13, 2026 AI Infrastructure Risk AI Security Cloud Security Identity & Governance

Microsoft Launches Real-Time Data Loss Prevention for Copilot Prompt Inputs

Microsoft has released a significant security update for Microsoft 365 Copilot, introducing real-time Data Loss Prevention (DLP) for prompt inputs. The feature uses Microsoft Purview to detect and block sensitive information—such as credit card numbers or internal project codes—from being processed by the AI, preventing accidental data leakage while maintaining operational productivity. Read more

May 13, 2026 AI Security Cloud Security Identity & Governance Security Operations

AI Shift Triggers 1,140% Identity Surge as Organizations Pivot to Non-Human Identity Governance

Okta's 'Businesses at Work 2026' report reveals a massive 1,140% surge in access requests over two years, driven primarily by autonomous AI agents. This shift is forcing global enterprises to move beyond traditional user-centric security, prioritizing non-human identity (NHI) governance and phishing-resistant multi-factor authentication to secure modern cloud and hybrid infrastructure environments. Read more

May 13, 2026May 13, 2026 AI Infrastructure Risk Identity & Governance Vulnerability Intelligence

Google Patches Critical Remote Code Execution Vulnerability in Android Wireless ADB

Google has addressed a high-severity security flaw (CVE-2026-0073) in the wireless Android Debug Bridge (ADB) functionality. Affecting Android 14 and newer versions, the vulnerability allows nearby attackers to bypass authentication and execute code with shell privileges. Users should ensure their devices are updated to the May 2026 security patch level to mitigate risk. Read more

May 13, 2026 AI Infrastructure Risk Identity & Governance Vulnerability Intelligence

Convergence of Human and System Vulnerabilities: Analyzing ‘Copy Fail’ and Recent Japanese Security Breaches

Recent high-profile security incidents involving Hatena and Money Forward, combined with the discovery of the 'Copy Fail' Linux kernel vulnerability (CVE-2026-31431), highlight a dangerous trend where attackers combine social engineering with local system exploits to bypass traditional network defenses. Read more

May 13, 2026 AI Infrastructure Risk Cloud Security Identity & Governance

Passkeys and SSO Adoption Drive First Decline in Managed Password Volume Since 2020

A 2026 study by NordPass reveals that the average number of managed passwords per user has decreased to 120, marking a reversal of a multi-year growth trend. The shift is attributed to the rise of passkeys, biometric authentication, and Single Sign-On (SSO) platforms, signaling a transition toward passwordless infrastructure. Read more

May 13, 2026 AI Infrastructure Risk AI Security Identity & Governance Security Operations

Japan’s SCS Evaluation System Shifts Toward Continuous Security Operations and Workforce Frameworks

Japan is implementing a new Supply Chain Cybersecurity (SCS) Evaluation System that prioritizes continuous operational maintenance over one-time audits, requiring organizations to integrate annual inspections and specialized personnel frameworks into their core business processes. Read more

May 13, 2026 AI Infrastructure Risk Cloud Security Identity & Governance Incidents & Breaches

PCPJack Malware Framework Targets Cloud Infrastructure while Displacing Rival Threat Group

Security researchers have identified a new cloud-native malware framework, PCPJack, which specializes in credential theft across Docker, Kubernetes, and Redis environments. Uniquely, the framework actively removes tools associated with the TeamPCP (PCPcat) threat group, suggesting a possible internal rift or turf war over compromised cloud assets. Read more

May 13, 2026May 13, 2026 AI Infrastructure Risk AI Security Cloud Security Identity & Governance

Taiwan FSC Unveils Post-Quantum Cryptography Migration Guidelines for Financial Sector

Taiwan's Financial Supervisory Commission (FSC) has announced a new roadmap for financial cybersecurity resilience, focusing on the 'AI Vulnerability Storm' and the transition to Post-Quantum Cryptography (PQC). The commission is set to release a formal PQC migration guide to prepare the industry for 'Y2Q' risks by 2029. Read more

May 13, 2026 Cloud Security Identity & Governance Incidents & Breaches Vulnerability Intelligence

SAP Patches Critical Vulnerabilities in S/4HANA and Commerce Cloud with CVSS 9.6 Ratings

SAP has released its May 2026 security updates, addressing 15 vulnerabilities including two critical flaws in S/4HANA and Commerce Cloud that could lead to unauthorized data access and remote code execution. Read more