Cyberattackers Increasingly Target Cloud IAM as a Weak Link
At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.
Explore the latest in cyber threats, hacker techniques, and security defenses on our Black Hat tag page at the forefront of infosec news.
Search across headline titles and summaries.
Background for this topic.
Black hat describes hackers or techniques used to gain unauthorized access, steal information, deploy malware, commit fraud, or disrupt systems. In security news, it usually means malicious activity rather than a legitimate security test; context may instead point to the Black Hat security conference and its research disclosures.
For practitioners, black-hat activity matters because attackers may exploit unpatched vulnerabilities, stolen credentials, exposed services, or insecure applications. Vulnerability management should prioritize flaws that are actively exploited or accessible from the internet, while controls such as strong authentication, least privilege, secure configuration, and detailed logging can limit abuse and support detection. Threat intelligence can help map observed indicators and techniques to defensive actions. When an incident occurs, rapid containment, credential reset, evidence preservation, and assessment of affected data help determine the scope and any privacy or regulatory obligations.
At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.
Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT.
In conjunction with Black Hat 2022, pioneer of digital executive protection also announces new security innovations and SOC 2 Type II certification.