authentication

Preventing credential theft in the age of AI

Artificial Intelligence, authentication, Badge, biometrics, cybersecurity, Don't miss, Hot stuff, Privacy, Video /

Preventing credential theft in the age of AI 2024-11-21 at 06:34 By Help Net Security In this Help Net Security video, Tina Srivastava, MIT Lecturer and CEO of Badge, discusses a 20-year cryptography problem – using biometrics for authentication without storing a face/finger/voice print. This has massive implications for corporate and personal security/privacy because there […]

React to this headline:

Loading spinner

Preventing credential theft in the age of AI Read More »

Open-source and free Android password managers that prioritize your privacy

authentication, cybersecurity, Don't miss, GitHub, News, open source, password manager, passwords, software /

Open-source and free Android password managers that prioritize your privacy 2024-11-19 at 06:47 By Anamarija Pogorelec We’re often told to use strong, unique passwords, especially for important accounts like email, banking, and social media. However, managing different passwords for numerous accounts can be challenging. Password managers simplify this by securely storing all your passwords so

React to this headline:

Loading spinner

Open-source and free Android password managers that prioritize your privacy Read More »

Simplifying decentralized identity systems for everyday use

authentication, credentials, cybersecurity, Don't miss, Features, Hot stuff, identity, News, opinion, Privacy, standards, WatchGuard /

Simplifying decentralized identity systems for everyday use 2024-10-30 at 07:04 By Mirko Zorz In this Help Net Security interview, Carla Roncato, VP of Identity at WatchGuard Technologies, discusses how companies can balance privacy, security, and usability in digital identity systems. She emphasizes modern techniques like biometrics and passkeys to replace knowledge-based authentication methods and highlights

React to this headline:

Loading spinner

Simplifying decentralized identity systems for everyday use Read More »

The NHI management challenge: When employees leave

authentication, credentials, cybersecurity, Don't miss, Entro, Expert analysis, Expert corner, framework, Hot stuff, News, Non Human Identities, opinion /

The NHI management challenge: When employees leave 2024-10-15 at 08:01 By Help Net Security An employee is exiting your organization. Regardless of the terms of departure, an ex-staffer has the potential when they leave or change roles to impact a wide range of non-human identities, digital credentials, and other secrets. Those secrets include the credentials

React to this headline:

Loading spinner

The NHI management challenge: When employees leave Read More »

Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)

authentication, Don't miss, exploit, GitLab, Hot stuff, News, PoC, ProjectDiscovery, security update, Synactiv, vulnerability /

Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) 2024-10-09 at 15:49 By Zeljka Zorz If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security researchers have published an analysis of CVE-2024-45409 and an exploit script that may help attackers gain

React to this headline:

Loading spinner

Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) Read More »

The role of self-sovereign identity in enterprises

1Kosmos, authentication, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, News, opinion, regulation /

The role of self-sovereign identity in enterprises 2024-10-08 at 07:31 By Help Net Security As personal data becomes increasingly commodified and centralized, the need for individuals to reclaim control over their identities has never been more urgent. Meanwhile, traditional identity systems used by enterprises often expose sensitive information to unnecessary risk, leaving both users and

React to this headline:

Loading spinner

The role of self-sovereign identity in enterprises Read More »

How hybrid workforces are reshaping authentication strategies

authentication, biometrics, cybersecurity, Don't miss, Features, FusionAuth, Hot stuff, identity verification, MFA, News, opinion, SSO /

How hybrid workforces are reshaping authentication strategies 2024-10-08 at 07:01 By Mirko Zorz In this Help Net Security interview, Brian Pontarelli, CEO at FusionAuth, discusses the evolving authentication challenges posed by the rise of hybrid and remote workforces. He advocates for zero trust strategies, including MFA and behavioral biometrics, to enhance security while maintaining productivity.

React to this headline:

Loading spinner

How hybrid workforces are reshaping authentication strategies Read More »

Three hard truths hindering cloud-native detection and response

authentication, cloud computing, cloud security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Sweet Security /

Three hard truths hindering cloud-native detection and response 2024-10-03 at 08:01 By Help Net Security According to Gartner, the market for cloud computing services is expected to reach $675 billion in 2024. Companies are shifting from testing the waters of cloud computing to making substantive investments in cloud-native IT, and attackers are shifting with them.

React to this headline:

Loading spinner

Three hard truths hindering cloud-native detection and response Read More »

15% of office workers use unsanctioned GenAI tools

access control, authentication, cybersecurity, generative AI, Ivanti, News, remote working, report, strategy, survey /

15% of office workers use unsanctioned GenAI tools 2024-10-03 at 06:31 By Help Net Security Rigid security protocols — such as complex authentication processes and highly restrictive access controls — can frustrate employees, slow productivity and lead to unsafe workarounds, according to Ivanti. Understanding workplace behavior key to strengthening security In fact, one in two

React to this headline:

Loading spinner

15% of office workers use unsanctioned GenAI tools Read More »

Reducing credential complexity with identity federation

authentication, credentials, cybersecurity, Descope, Don't miss, Features, Hot stuff, identity management, News, opinion, SSO /

Reducing credential complexity with identity federation 2024-10-01 at 07:01 By Mirko Zorz In this Help Net Security interview, Omer Cohen, Chief Security Officer at Descope, discusses the impact of identity federation on organizational security and user experience. He explains how this approach streamlines credential management and enhances security by leveraging trusted identity providers while simplifying

React to this headline:

Loading spinner

Reducing credential complexity with identity federation Read More »

The most common authentication method is also the least secure

authentication, cyber risk, cybersecurity, News, passwords, report, survey, Yubico /

The most common authentication method is also the least secure 2024-09-30 at 06:01 By Help Net Security Despite the rise in cyber threats, many people do not have a holistic view of security, according to Yubico. The results of the survey uncovered concerning patterns and behaviors when it comes to personal and workplace cybersecurity, including

React to this headline:

Loading spinner

The most common authentication method is also the least secure Read More »

3 tips for securing IoT devices in a connected world

access control, authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity management, IoT, News, opinion, tips, WatchGuard /

3 tips for securing IoT devices in a connected world 2024-09-27 at 08:01 By Help Net Security IoT devices have become integral to how many organizations operate. From Smart TVs in conference rooms to connected sensors and wireless security cameras, these connected devices are now a fixture in the modern workplace. They also, however, present

React to this headline:

Loading spinner

3 tips for securing IoT devices in a connected world Read More »

Securing non-human identities: Why fragmented strategies fail

authentication, Cloud Security Alliance, cybersecurity, Don't miss, Features, Hot stuff, identity, News, Non Human Identities, opinion, strategy /

Securing non-human identities: Why fragmented strategies fail 2024-09-25 at 07:31 By Mirko Zorz In this Help Net Security interview, John Yeoh, Global VP of Research at CSA, discusses the growing security challenges posed by non-human identities (NHIs). With NHIs now outnumbering human identities by 20 to 1, organizations are struggling to secure these digital entities

React to this headline:

Loading spinner

Securing non-human identities: Why fragmented strategies fail Read More »

How to detect and stop bot activity

access management, authentication, bot, cybersecurity, device fingerprinting, Don't miss, Expert analysis, Expert corner, Fingerprint, Hot stuff, News, opinion, strategy /

How to detect and stop bot activity 2024-09-20 at 07:46 By Help Net Security Bad bot traffic continues to rise year-over-year, accounting for nearly a third of all internet traffic in 2023. Bad bots access sensitive data, perpetrate fraud, steal proprietary information, and degrade site performance. New technologies are enabling fraudsters to strike faster and

React to this headline:

Loading spinner

How to detect and stop bot activity Read More »

Authentik: Open-source identity provider

authentication, Don't miss, GitHub, Hot stuff, News, open source, software /

Authentik: Open-source identity provider 2024-08-16 at 07:01 By Mirko Zorz Authentik is an open-source identity provider designed for maximum flexibility and adaptability. It easily integrates into existing environments and supports new protocols. It’s a comprehensive solution for implementing features like sign-up, account recovery, and more in your application, eliminating the need to manage these tasks

React to this headline:

Loading spinner

Authentik: Open-source identity provider Read More »

How passkeys eliminate password management headaches

authentication, cybersecurity, Don't miss, Features, Hot stuff, Industry news, opinion, passwords, rf IDEAS, SSO, standards /

How passkeys eliminate password management headaches 2024-08-15 at 07:01 By Mirko Zorz In this Help Net Security interview, David Cottingham, President at rf IDEAS, discusses the key benefits organizations can expect when implementing passkeys. Cottingham addresses the misconceptions surrounding the adoption of passkeys, particularly in the B2B landscape. What are the key benefits that organizations

React to this headline:

Loading spinner

How passkeys eliminate password management headaches Read More »

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)

0-day, authentication, Don't miss, Hot stuff, Microsoft 365, MS Office, News, PrivSec /

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) 2024-08-12 at 13:31 By Zeljka Zorz A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and requires no special privileges or user interaction to be

React to this headline:

Loading spinner

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) Read More »

AI-generated deepfake attacks force companies to reassess cybersecurity

Artificial Intelligence, authentication, deepfakes, GetApp, News, report, survey, threat /

AI-generated deepfake attacks force companies to reassess cybersecurity 2024-07-26 at 07:31 By Help Net Security As AI-generated deepfake attacks and identity fraud become more prevalent, companies are developing response plans to address these threats, according to GetApp. In fact, 73% of US respondents report that their organization has developed a deepfake response plan. This concern

React to this headline:

Loading spinner

AI-generated deepfake attacks force companies to reassess cybersecurity Read More »

Fighting AI-powered synthetic ID fraud with AI

Artificial Intelligence, authentication, AuthenticID, biometrics, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, fraud, Hot stuff, identity, identity verification, News, opinion /

Fighting AI-powered synthetic ID fraud with AI 2024-07-18 at 07:31 By Help Net Security Aided by the emergence of generative artificial intelligence models, synthetic identity fraud has skyrocketed, and now accounts for a staggering 85% of all identity fraud cases. For security professionals, the challenge lies in staying one step ahead of these evolving threats.

React to this headline:

Loading spinner

Fighting AI-powered synthetic ID fraud with AI Read More »

Overlooked essentials: API security best practices

access control, Akto, API security, authentication, cybersecurity, Don't miss, Encryption, Features, Hot stuff, News, opinion, policy /

Overlooked essentials: API security best practices 2024-07-17 at 07:31 By Mirko Zorz In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID Connect, strict HTTPS encryption, and the use of JWTs for stateless authentication. Gupta recommends role-based access control (RBAC) and

React to this headline:

Loading spinner

Overlooked essentials: API security best practices Read More »

Scroll to Top