authentication

Exposed APIs and issues in the world’s largest organizations

Exposed APIs and issues in the world’s largest organizations 2024-12-12 at 06:32 By Help Net Security In this Help Net Security video, Tristan Kalos, CEO of Escape, discusses the results of its 2024 State of API Exposure report. The study highlights significant API security gaps affecting Fortune 1000 organizations, with over 28,500 exposed APIs and […]

React to this headline:

Loading spinner

Exposed APIs and issues in the world’s largest organizations Read More »

Preventing credential theft in the age of AI

Preventing credential theft in the age of AI 2024-11-21 at 06:34 By Help Net Security In this Help Net Security video, Tina Srivastava, MIT Lecturer and CEO of Badge, discusses a 20-year cryptography problem – using biometrics for authentication without storing a face/finger/voice print. This has massive implications for corporate and personal security/privacy because there

React to this headline:

Loading spinner

Preventing credential theft in the age of AI Read More »

Open-source and free Android password managers that prioritize your privacy

Open-source and free Android password managers that prioritize your privacy 2024-11-19 at 06:47 By Anamarija Pogorelec We’re often told to use strong, unique passwords, especially for important accounts like email, banking, and social media. However, managing different passwords for numerous accounts can be challenging. Password managers simplify this by securely storing all your passwords so

React to this headline:

Loading spinner

Open-source and free Android password managers that prioritize your privacy Read More »

Simplifying decentralized identity systems for everyday use

Simplifying decentralized identity systems for everyday use 2024-10-30 at 07:04 By Mirko Zorz In this Help Net Security interview, Carla Roncato, VP of Identity at WatchGuard Technologies, discusses how companies can balance privacy, security, and usability in digital identity systems. She emphasizes modern techniques like biometrics and passkeys to replace knowledge-based authentication methods and highlights

React to this headline:

Loading spinner

Simplifying decentralized identity systems for everyday use Read More »

The NHI management challenge: When employees leave

The NHI management challenge: When employees leave 2024-10-15 at 08:01 By Help Net Security An employee is exiting your organization. Regardless of the terms of departure, an ex-staffer has the potential when they leave or change roles to impact a wide range of non-human identities, digital credentials, and other secrets. Those secrets include the credentials

React to this headline:

Loading spinner

The NHI management challenge: When employees leave Read More »

Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)

Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) 2024-10-09 at 15:49 By Zeljka Zorz If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security researchers have published an analysis of CVE-2024-45409 and an exploit script that may help attackers gain

React to this headline:

Loading spinner

Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) Read More »

The role of self-sovereign identity in enterprises

The role of self-sovereign identity in enterprises 2024-10-08 at 07:31 By Help Net Security As personal data becomes increasingly commodified and centralized, the need for individuals to reclaim control over their identities has never been more urgent. Meanwhile, traditional identity systems used by enterprises often expose sensitive information to unnecessary risk, leaving both users and

React to this headline:

Loading spinner

The role of self-sovereign identity in enterprises Read More »

How hybrid workforces are reshaping authentication strategies

How hybrid workforces are reshaping authentication strategies 2024-10-08 at 07:01 By Mirko Zorz In this Help Net Security interview, Brian Pontarelli, CEO at FusionAuth, discusses the evolving authentication challenges posed by the rise of hybrid and remote workforces. He advocates for zero trust strategies, including MFA and behavioral biometrics, to enhance security while maintaining productivity.

React to this headline:

Loading spinner

How hybrid workforces are reshaping authentication strategies Read More »

Three hard truths hindering cloud-native detection and response

Three hard truths hindering cloud-native detection and response 2024-10-03 at 08:01 By Help Net Security According to Gartner, the market for cloud computing services is expected to reach $675 billion in 2024. Companies are shifting from testing the waters of cloud computing to making substantive investments in cloud-native IT, and attackers are shifting with them.

React to this headline:

Loading spinner

Three hard truths hindering cloud-native detection and response Read More »

15% of office workers use unsanctioned GenAI tools

15% of office workers use unsanctioned GenAI tools 2024-10-03 at 06:31 By Help Net Security Rigid security protocols — such as complex authentication processes and highly restrictive access controls — can frustrate employees, slow productivity and lead to unsafe workarounds, according to Ivanti. Understanding workplace behavior key to strengthening security In fact, one in two

React to this headline:

Loading spinner

15% of office workers use unsanctioned GenAI tools Read More »

Reducing credential complexity with identity federation

Reducing credential complexity with identity federation 2024-10-01 at 07:01 By Mirko Zorz In this Help Net Security interview, Omer Cohen, Chief Security Officer at Descope, discusses the impact of identity federation on organizational security and user experience. He explains how this approach streamlines credential management and enhances security by leveraging trusted identity providers while simplifying

React to this headline:

Loading spinner

Reducing credential complexity with identity federation Read More »

The most common authentication method is also the least secure

The most common authentication method is also the least secure 2024-09-30 at 06:01 By Help Net Security Despite the rise in cyber threats, many people do not have a holistic view of security, according to Yubico. The results of the survey uncovered concerning patterns and behaviors when it comes to personal and workplace cybersecurity, including

React to this headline:

Loading spinner

The most common authentication method is also the least secure Read More »

3 tips for securing IoT devices in a connected world

3 tips for securing IoT devices in a connected world 2024-09-27 at 08:01 By Help Net Security IoT devices have become integral to how many organizations operate. From Smart TVs in conference rooms to connected sensors and wireless security cameras, these connected devices are now a fixture in the modern workplace. They also, however, present

React to this headline:

Loading spinner

3 tips for securing IoT devices in a connected world Read More »

Securing non-human identities: Why fragmented strategies fail

Securing non-human identities: Why fragmented strategies fail 2024-09-25 at 07:31 By Mirko Zorz In this Help Net Security interview, John Yeoh, Global VP of Research at CSA, discusses the growing security challenges posed by non-human identities (NHIs). With NHIs now outnumbering human identities by 20 to 1, organizations are struggling to secure these digital entities

React to this headline:

Loading spinner

Securing non-human identities: Why fragmented strategies fail Read More »

How to detect and stop bot activity

How to detect and stop bot activity 2024-09-20 at 07:46 By Help Net Security Bad bot traffic continues to rise year-over-year, accounting for nearly a third of all internet traffic in 2023. Bad bots access sensitive data, perpetrate fraud, steal proprietary information, and degrade site performance. New technologies are enabling fraudsters to strike faster and

React to this headline:

Loading spinner

How to detect and stop bot activity Read More »

Authentik: Open-source identity provider

Authentik: Open-source identity provider 2024-08-16 at 07:01 By Mirko Zorz Authentik is an open-source identity provider designed for maximum flexibility and adaptability. It easily integrates into existing environments and supports new protocols. It’s a comprehensive solution for implementing features like sign-up, account recovery, and more in your application, eliminating the need to manage these tasks

React to this headline:

Loading spinner

Authentik: Open-source identity provider Read More »

How passkeys eliminate password management headaches

How passkeys eliminate password management headaches 2024-08-15 at 07:01 By Mirko Zorz In this Help Net Security interview, David Cottingham, President at rf IDEAS, discusses the key benefits organizations can expect when implementing passkeys. Cottingham addresses the misconceptions surrounding the adoption of passkeys, particularly in the B2B landscape. What are the key benefits that organizations

React to this headline:

Loading spinner

How passkeys eliminate password management headaches Read More »

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) 2024-08-12 at 13:31 By Zeljka Zorz A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and requires no special privileges or user interaction to be

React to this headline:

Loading spinner

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) Read More »

AI-generated deepfake attacks force companies to reassess cybersecurity

AI-generated deepfake attacks force companies to reassess cybersecurity 2024-07-26 at 07:31 By Help Net Security As AI-generated deepfake attacks and identity fraud become more prevalent, companies are developing response plans to address these threats, according to GetApp. In fact, 73% of US respondents report that their organization has developed a deepfake response plan. This concern

React to this headline:

Loading spinner

AI-generated deepfake attacks force companies to reassess cybersecurity Read More »

Scroll to Top