Latest news with #LDAP
Techday NZ
7 days ago
- Business
- Techday NZ
Radiant Logic launches AI tool for identity visibility
Radiant Logic has launched the full suite of its Identity Observability feature for the RadiantOne platform, offering real-time monitoring and risk management capabilities for identity and access management ecosystems. The latest release from Radiant Logic aims to provide organisations with enhanced visibility into their identity management systems and processes, which can help identify, prioritise, and address security risks before they are exploited. The RadiantOne platform now incorporates features such as continuous real-time discovery and observability across identity systems, a unified graph-based model of identity data from sources including Active Directory, LDAP, on-premise applications, Entra Identity, and SaaS platforms, and dynamic risk scoring using heuristics and pattern recognition. The platform also includes an AI Data Assistant (AIDA) that analyses intricate identity relationships, recommends corrective measures, and facilitates collaboration between line managers and resource owners to resolve identity issues. Additional features include dashboards that provide real-time monitoring of identity hygiene, comprehensive reporting, and maturity assessments designed to support policy enforcement and compliance requirements. According to Radiant Logic, the platform is designed to fit into existing enterprise environments as a SaaS or self-managed solution, supporting security initiatives such as Identity and Access Management (IAM), Identity Governance and Administration (IGA), and Zero Trust models. Dr. John Pritchard, Chief Executive Officer at Radiant Logic, commented on the release, "Identity sprawl, hybrid complexity and unmanaged access create blind spots that leave organisations vulnerable to cyber threats. With the RadiantOne platform, we're illuminating every human and non-human identity across the environment—giving security and IAM teams complete visibility into who has access to what, whether it's legitimate and how to mitigate risks, before attackers find the gaps." The platform's enhancements are aligned with guidance from research and advisory firms' recommendations, such as those from Gartner. In its 2025 Guidance for Comprehensive IAM Architecture Strategy, Gartner recommends that organisations "Invest in a centralised identity and access data platform that integrates discovery tools across all IAM layers to aggregate, correlate and reconcile identity and access data. Implement emerging artificial intelligence (AI)-driven identity and access intelligence solutions to enhance observability and automation to quickly remedy vulnerabilities or facilitate a response to identity threats." Industry stakeholders outside Radiant Logic have also commented on the significance of providing robust visibility across identity data. John Horn, Head of the Cybersecurity Practice at Datos Insights, said, "Security defences at many firms operate with incomplete views of identity data and risk across their organisation. A robust identity fabric, centred upon rich, AI-enabled identity visibility for every aspect of the business, is the new operational foundation." "Radiant Logic's Identity Observability is an exciting capability that enables enterprise-wide views of identity data and risk, combined with automated resolutions to many common security problems. As we enter the age of Agentic AI and greater cyber risk, powerful identity observability and remediation will become central capabilities for the business." Early adopters of RadiantOne's new features have reported benefits in managing identity vulnerabilities and improving oversight. A Head of IAM in the insurance sector stated, "It's truly one of the few solutions that delivers so many valuable features right out of the box. This product's real-time data visibility and intuitive interface make it an outstanding tool for monitoring identity vulnerabilities and quickly understanding the health of our company's access management." A Head of Cybersecurity in the transportation industry shared a similar sentiment, saying, "With real-time data visibility and centralised reporting, this tool makes monitoring identity and access management effortless huge improvement over our previous solutions." The RadiantOne platform's combination of real-time monitoring, unified visualisation, and AI-driven remediation is designed to support organisations in addressing the increasing complexities and threats related to identity and access management across hybrid and multi-cloud environments.
TECHx
02-05-2025
- Business
- TECHx
Cloudflare Sees Record Spike in DDoS Attacks in Q1 2025
Home » Emerging technologies » Cyber Security » Cloudflare Sees Record Spike in DDoS Attacks in Q1 2025 Cloudflare, Inc., the security, performance, and reliability company, has released its Q1 2025 DDoS report. The report highlights trends and insights from one of the world's largest global networks. The findings point to a sharp rise in DDoS attacks across industries and regions. In just the first quarter of 2025, Cloudflare mitigated 20.5 million DDoS attacks. This figure nearly matches the total for all of 2024, which stood at 21.3 million. The company's autonomous systems blocked 96% of the previous year's total volume in just three months. Network-layer attacks surged the most. Cloudflare mitigated 16.8 million such attacks in Q1 2025. That's a 397% increase quarter-over-quarter and a 509% increase year-over-year. HTTP DDoS attacks rose by 7% QoQ and 118% YoY. Hyper-volumetric attacks have become more frequent. Cloudflare blocked over 700 attacks exceeding 1 Tbps or 1 billion packets per second (Bpps). On average, it faced eight of these per day. Most were UDP-based and classified as network-layer DDoS. Key observations: About 4 in 100,000 network-layer attacks were hyper-volumetric. 6 in 100 HTTP DDoS attacks exceeded 1 million requests per second (rps). 99% of L3/4 attacks remained under 1 Gbps and 1M pps. 94% of HTTP DDoS attacks were below 1M rps. Most attacks were short. 89% of network-layer and 75% of HTTP DDoS attacks ended within 10 minutes. Some of the largest attacks lasted just a minute, leaving little time for human response. Cloudflare identified Germany as the top target in Q1. The country jumped four spots to take first place. Turkey surged 11 positions to second. China dropped to third. Meanwhile, Hong Kong became the top source of DDoS attacks, followed by Indonesia and Argentina. New attack vectors also gained traction. CLDAP reflection attacks saw a 3,488% QoQ increase. CLDAP, a UDP-based variant of LDAP, enables IP spoofing and is being abused for amplification. ESP reflection attacks rose by 2,301% QoQ. ESP, part of the IPsec protocol, can be exploited if misconfigured systems are targeted. Industries affected the most in Q1 include: Gambling & Casinos (top target, up 4 spots) Telecommunications (second place) Information Technology & Services Internet Gaming The Airlines, Aviation & Aerospace sector had the largest leap, moving up 40 positions to enter the top 10. The top five source countries for DDoS attacks were: Hong Kong Indonesia Argentina Singapore Ukraine Bashar Bashaireh, AVP Middle East, Türkiye & North Africa at Cloudflare, stated, 'Many organizations still adopt DDoS protection only after an incident or rely on outdated solutions. Our data shows that proactive, always-on strategies are more effective. That's why we focus on automation and in-line protection, powered by our 348 Tbps global network.' Cloudflare's findings underline a shift in the cyber threat landscape. The scale, speed, and volume of DDoS attacks continue to increase. Businesses are urged to adopt real-time, automated protection to remain resilient.
Forbes
01-04-2025
- Business
- Forbes
Proactive Steps For Healthcare CIOs Amid Oracle Security Concerns
Oracle informed some of its healthcare customers about a breach earlier this year. A separate incident report indicates hackers accessed Oracle servers and have access to sensitive data. The hacker claimed to have data that contained the following: Oracle has not publicly responded to the incident yet, but healthcare CIOs who are Oracle customers must take the following steps now. CIOs must work with their organizations to reset all single sign-on and LDAP passwords, prioritizing privileged accounts such as system administrators. This is an opportunity to remind everyone of the policy, emphasizing strong passwords and the need for every organization to have Multi-Factor Authentication (MFA) in place. Technology leaders must work with Oracle to regenerate and replace all compromised JPS and JKS keys to prevent unauthorized access to Oracle Enterprise Manager. Unfortunately, this exercise will cause business disruption and downtime. The organization's system administrator must thoroughly analyze authentication logs, system access records, and other relevant logs to detect unauthorized activities or anomalies within the network environment and the Oracle instance. Real-time monitoring solutions should also be deployed to continuously detect and respond to suspicious activities. Access controls should be reviewed and tightened according to the principle of least privilege to minimize potential attack surfaces. Two security basics have to be part of IT's DNA. The IT system administrator must perform routing Patch Management: Ensure all systems are updated with the latest security patches to protect against known vulnerabilities. The Oracle incident stems from the speculation that exploited a vulnerability in the Oracle Access Manager. Every security incident is a learning moment. Organizations must swiftly educate employees about the critical importance of cybersecurity. Use the incident to reinforce best practices such as creating strong passwords, recognizing phishing attempts, and staying vigilant online. By turning these events into opportunities for education, CIOs can strengthen their organization's defenses and embed security awareness into the culture at every level. CIOs must actively partner with marketing and legal teams to plan the next steps. They should prioritize internal communication by promptly informing all relevant stakeholders about the breach, outlining the actions underway, and clarifying any steps employees must take. At the same time, communication leaders must prepare for external communication to patients—and possibly Health and Human Services—if the breach affects more than 500 individuals, as required for covered entities. This stage may also be the right time to activate the organization's cyber insurance policy to ensure full compliance with all protocols and avoid missing critical steps in the response process. At this stage, with Oracle remaining silent on both incidents, healthcare CIOs must take a proactive stance. As third-party security risks continue challenging organizations, CIOs must strengthen their oversight and response strategies. These types of incidents are becoming increasingly common across the enterprise, making it critical to stay ahead of potential vulnerabilities.
TECHx
25-03-2025
- TECHx
UAE Cybersecurity Council Blocks Cyberattacks on 634 Entities
UAE Cybersecurity Council Blocks Cyberattacks on 634 Entities News Desk - Share The UAE Government's Cybersecurity Council has successfully defended against cyberattacks targeting 634 government and private entities. These attacks aimed to leak data from vital and strategic sectors across the UAE. However, the Council responded swiftly using global best cybersecurity practices. Dr. Mohamed AlKuwaiti, Head of Cybersecurity for the UAE Government, told Emirates News Agency (WAM) that a hacker known as 'rose87168' claimed to have breached Oracle Cloud's SSO and LDAP systems. This breach reportedly exposed around six million customer records worldwide, including sensitive user passwords. According to Dr. AlKuwaiti, the breach may have affected up to 140,000 entities globally. Among them, 634 are in the UAE—30 government entities, 13 private organizations, and others from various sectors. In response, the Cybersecurity Council activated emergency systems across the country. It is working closely with relevant authorities to protect the UAE's cyberspace and prevent future threats. The Council also urged all government and private organizations to strengthen their cybersecurity measures. It called for increased cyber readiness and immediate reporting of any suspicious activity. Furthermore, the Council emphasized the need for constant vigilance. As cyber threats evolve, adopting the latest security practices is crucial to defend against advanced hacking and fraud techniques.
Sharjah 24
24-03-2025
- Sharjah 24
UAE successfully deals with cyberattacks targeting 634 entities
Dr. Mohamed AlKuwaiti, Head of Cybersecurity for the UAE Government, told the Emirates News Agency (WAM) that a threat actor known as "rose87168" claimed to have breached the Oracle Cloud's SSO and LDAP, resulting in the leak of approximately six million customer records globally, including sensitive user password data. 140,000 entities worldwide He added that estimates suggest around 140,000 entities worldwide may have been affected by the breach, including 634 entities in the UAE—of which 30 are government entities, 13 are private, and the rest fall under other categories. The Cybersecurity Council clarified that emergency cybersystems have been activated across the country in coordination with relevant authorities to safeguard the UAE's cyberspace and strengthen its protection against any attempts of hacking or threats. Urged all government and private institutions to enhance their cybersecurity defences The Council's urged all government and private institutions to enhance their cybersecurity defences, raise their cyber readiness levels, and report any suspicious activity that may target digital systems immediately. It also stressed the importance of remaining vigilant and adopting the best security practices to counter growing cyber threats, especially with the evolution of hacking and cyber fraud tools that now take on various forms.
