<ciso brief />

All news with #identity security tag

144 articles · page 6 of 8

Amazon Cognito Identity Pools Support AWS PrivateLink

🔒 Amazon Cognito identity pools now support AWS PrivateLink, enabling private connectivity between your VPC and Cognito to exchange federated identities for temporary AWS credentials. This removes the need to route authentication traffic over the public internet and reduces exposure of auth flows. PrivateLink endpoints are available in all Regions where Cognito identity pools operate except AWS China (Beijing) and AWS GovCloud (US); standard PrivateLink charges apply.

Streamlining Zero Trust with a Shared Signals Framework

🔐 This guide shows how to operationalize the Shared Signals Framework (SSF) to deliver continuous device posture signals into identity platforms. It details a proof‑of‑concept workflow using Tines to receive webhooks from Kolide, enrich and map device data, generate and sign Security Event Tokens (SETs), and forward them to Okta as CAEP events. The approach enables real‑time policy enforcement and simplifies SSF adoption when endpoints lack native support. Steps and required credentials are summarized for quick deployment.

Four Immediate Cybersecurity Priorities for Organizations

🔒 In this Deputy CISO blog, Damon Becknel, Microsoft’s VP and Deputy CISO for Regulated Industries, outlines four immediate priorities organizations should act on now. He emphasizes reinforcing essential cyber hygiene—accurate asset inventories, network segmentation, timely patching, MFA, EDR, and proxying email and web traffic—as the most effective means to reduce common intrusions. Becknel also urges adoption of modern standards like phishing-resistant MFA, secure DNS and DMARC, deployment of fingerprinting to track bad actors, and active cross-industry collaboration to share threat signals and raise the cost of attack.

ServiceNow in Talks to Acquire Identity Firm Veza

🔐 ServiceNow is reportedly in advanced talks to acquire identity-security startup Veza for more than $1 billion, a deal that could be announced next week. The move would pair ServiceNow's recent AI automation capabilities from Moveworks with Veza's Authorization Graph to map and govern permissions for human and machine identities. For customers, the acquisition aims to close trust and governance gaps around AI agents and non-human accounts, though integration, licensing, and standalone availability questions remain.

8 Effective Multicloud Security Tips and Best Practices

🔐 Multicloud adoption improves flexibility but introduces security and visibility risks unless managed centrally. Establish a central authority to define strategy, enforce policies and select cross-cloud tools, while implementing unified governance backed by identity management and automation. Treat every environment as a single trust boundary, enforce least privilege, and correlate telemetry for a unified detection-and-response posture. Limit access with short-lived sessions, recording and DLP to reduce attack surface and support auditability.

Amazon Redshift Adds Federated Permissions for Warehouses

🔐 Amazon Redshift now supports federated permissions to centralize and enforce data access policies across multiple Redshift warehouses, reducing governance overhead for multi-warehouse deployments. Registered warehouses are auto-mounted account-wide and can be queried using existing workforce identities via AWS IAM Identity Center or IAM roles. Row-level, column-level, and masking controls are applied automatically, ensuring consistent fine-grained access control regardless of query location.

Why IT Admins Choose Samsung Galaxy and Knox Suite

🔒 Samsung Galaxy devices with Knox Suite combine hardware-rooted protections and centralized management to help IT secure corporate data without slowing users. Built-in at manufacture, Knox delivers multi-layered defenses—secure boot, trusted execution environments, and integrated malware protections—while fitting into existing EMM workflows. Native Zero Trust support, ZTNA and near-real-time telemetry from Knox Asset Intelligence feed SIEMs so mobile threats are visible alongside other alerts.

AWS introduces aws login for secure developer access

🔐 The new aws login CLI command lets developers obtain temporary programmatic credentials using the same sign-in method as the AWS Management Console, eliminating the need to create and manage long-term access keys. The command opens a browser-based OAuth2 flow and supports root/IAM user sign-in as well as federated identity providers. Issued credentials auto-rotate every 15 minutes and remain valid up to the IAM session duration (maximum 12 hours). The command integrates with profiles, remote development workflows, AWS SDKs, AWS Tools for PowerShell, and legacy SDKs via credential_process.

AWS IAM Adds Outbound Identity Federation with JWTs

🔐 AWS Identity and Access Management (IAM) now supports outbound identity federation, enabling customers to exchange AWS credentials for short‑lived, cryptographically signed JSON Web Tokens (JWTs) to authenticate workloads with third‑party clouds, SaaS providers, and self‑hosted applications. Tokens include workload context so external services can enforce fine‑grained access control. Administrators can restrict who can generate tokens and configure token properties such as lifetime, audience, and signing algorithm via IAM policies, and audit issuance and usage through CloudTrail. The capability is available in all AWS commercial Regions, AWS GovCloud (US) Regions, and China Regions.

Automating Session Manager Preferences with CloudFormation

🔐 This post explains how to centrally manage AWS Systems Manager Session Manager preferences across multiple accounts and Regions using CloudFormation StackSets and an AWS Lambda function. The solution automates updates to the SSM-SessionManagerRunShell document, provisions optional logging destinations (Amazon S3 or CloudWatch Logs), and can create KMS keys for session and log encryption. It aims to reduce manual configuration errors and ensure consistent security and compliance at scale.

Agentic AI Expands Identity Attack Surface Risks for Orgs

🔐 Rubrik Zero Labs warns that the rise of agentic AI has created a widening gap between an expanding identity attack surface and organizations’ ability to recover from compromises. Their report, Identity Crisis: Understanding & Building Resilience Against Identity-Driven Threats, finds 89% of organizations have integrated AI agents and estimates NHIs outnumber humans roughly 82:1. The authors call for comprehensive identity resilience—beyond traditional IAM—emphasizing zero trust, least privilege, and lifecycle control for non-human identities.

5 Reasons Attackers Prefer Phishing via LinkedIn Channels

🔒 Phishing is moving beyond email to platforms like LinkedIn, where direct messages sidestep traditional email defenses and evade many web-based controls. Attackers exploit account takeovers, weak MFA adoption, and AI-driven outreach to scale targeted campaigns against executives and cloud identity services. Because LinkedIn messages are accessed on corporate devices but outside email channels, organizations often rely on user reporting and URL blocking—measures that are slow and ineffective. Vendor Push Security recommends browser-level protections that analyze page code and behavior in real time to block in-browser phishing and SSO-based compromises.

Defending Digital Identity from Computer-Using Agents (CUAs)

🔐 Computer-using agents (CUAs) — AI systems that perceive screens and act like humans — are poised to scale phishing and credential-stuffing attacks by automating UI interactions, adapting to layout changes, and bypassing anti-bot defenses. Organizations should move beyond passwords and shared-secret MFA to device-bound, cryptographic authentication such as FIDO2 passkeys and PKI-based certificates to reduce large-scale compromise. SaaS vendors must integrate with identity platforms that support phishing-resistant credentials to strengthen overall security.

AWS Advanced .NET Data Provider Driver Now GA for RDS

🔔 The Amazon Web Services Advanced .NET Data Provider Driver is now generally available for Amazon RDS and Amazon Aurora PostgreSQL and MySQL-compatible databases. The driver reduces RDS Blue/Green switchover and database failover times to improve application availability and supports multiple authentication mechanisms including Federated Authentication, AWS Secrets Manager, and IAM token-based authentication. Built on top of Npgsql, native MySql.Data and MySqlConnector, it integrates with NHibernate and supports Entity Framework for MySQL, and is released under the Apache 2.0 license.

Amazon Cognito User Pools Add AWS PrivateLink Support

🔒 Amazon Cognito user pools now support AWS PrivateLink, enabling private VPC connectivity to manage and authenticate against user pools without traversing the public internet. The enhancement covers user pool management APIs, administrative operations, and sign-in for local Cognito users, but does not support OAuth 2.0 authorization code flow (hosted UI/social logins), client credentials, or federated SAML/OIDC sign-ins via VPC endpoints. It is available in all Regions where Cognito user pools exist except AWS GovCloud (US); creating VPC endpoints will incur AWS PrivateLink charges.

Amazon S3 Access Grants Expand to Thailand and Mexico

🔒 Amazon S3 Access Grants are now available in the AWS Asia Pacific (Thailand) and AWS Mexico (Central) Regions. The feature maps corporate identities—such as Microsoft Entra ID or AWS IAM principals—to S3 datasets, enabling administrators to automate and scale dataset access. This reduces manual policy overhead and helps ensure consistent, auditable permissions. Check the AWS Region Table and product page for regional availability and details.

Rethinking Identity Security for Autonomous AI Agents

🔐 Autonomous AI agents are creating a new class of non-human identities that traditional, human-centric security models struggle to govern. These agents can persist beyond intended lifecycles, hold excessive permissions, and perform actions across systems without clear ownership, increasing risks like privilege escalation and large-scale data exfiltration. Security teams must adopt identity-first controls—unique managed identities, strict scoping, lifecycle management, and continuous auditing—to regain visibility and enforce least privilege.

Preparing for the Digital Battlefield of Identity Risk

🔒 BeyondTrust's 2026 predictions argue that the next major breaches will stem from unmanaged identity debt rather than simple phishing. The report highlights three identity-driven threats: agentic AI acting as privileged deputies vulnerable to prompt manipulation, automated "account poisoning" in financial systems, and long-dormant "ghost" identities surfacing in legacy IAM. The authors recommend an identity-first posture with strict least-privilege, context-aware controls, real-time auditing, and stronger identity governance.

Quarter of Scam Victims Report Considering Self-Harm

⚠️ A new 2025 Consumer Impact Report from the Identity Theft Resource Center (ITRC) finds identity fraud is driving severe mental and financial harm, with one quarter of surveyed consumers saying they seriously considered self-harm after an incident. The figure rises to 68% among self-identified victims but falls to 14% for those who contacted the ITRC, underscoring the value of professional support. The study of 1,033 general consumers also highlights rising repeat victimisation, large monetary losses — including more than 20% losing over $100,000 and 10% losing at least $1m — social media account takeovers as the most common crime, and widespread concern that AI will be a major battleground for identity security.

Cut IT Costs with Secure Self-Service Password Resets

🔐 Self-service password reset (SSPR) can significantly cut help desk costs and reduce downtime by letting users securely change forgotten or expired credentials without contacting support. Industry research cited in the article highlights that password-related calls are common and expensive — Gartner and Forrester figures are referenced and a Specops analysis reports average savings per user. The piece outlines security best practices including tiered risk controls, MFA, enrollment hygiene, and detection measures like rate limiting and location checks. It describes Specops uReset capabilities for Entra ID and Active Directory, automated enrollment, reporting, and a First Day Password add-on to reduce onboarding friction.