authentication - Security Ticks

Authentik: Open-source identity provider

authentication, Don't miss, GitHub, Hot stuff, News, open source, software / SecurityTicks

Authentik: Open-source identity provider 2024-08-16 at 07:01 By Mirko Zorz Authentik is an open-source identity provider designed for maximum flexibility and adaptability. It easily integrates into existing environments and supports new protocols. It’s a comprehensive solution for implementing features like sign-up, account recovery, and more in your application, eliminating the need to manage these tasks […]

React to this headline:

Authentik: Open-source identity provider Read More »

How passkeys eliminate password management headaches

authentication, cybersecurity, Don't miss, Features, Hot stuff, Industry news, opinion, passwords, rf IDEAS, SSO, standards / SecurityTicks

How passkeys eliminate password management headaches 2024-08-15 at 07:01 By Mirko Zorz In this Help Net Security interview, David Cottingham, President at rf IDEAS, discusses the key benefits organizations can expect when implementing passkeys. Cottingham addresses the misconceptions surrounding the adoption of passkeys, particularly in the B2B landscape. What are the key benefits that organizations

React to this headline:

How passkeys eliminate password management headaches Read More »

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)

0-day, authentication, Don't miss, Hot stuff, Microsoft 365, MS Office, News, PrivSec / SecurityTicks

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) 2024-08-12 at 13:31 By Zeljka Zorz A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and requires no special privileges or user interaction to be

React to this headline:

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) Read More »

AI-generated deepfake attacks force companies to reassess cybersecurity

Artificial Intelligence, authentication, deepfakes, GetApp, News, report, survey, threat / SecurityTicks

AI-generated deepfake attacks force companies to reassess cybersecurity 2024-07-26 at 07:31 By Help Net Security As AI-generated deepfake attacks and identity fraud become more prevalent, companies are developing response plans to address these threats, according to GetApp. In fact, 73% of US respondents report that their organization has developed a deepfake response plan. This concern

React to this headline:

AI-generated deepfake attacks force companies to reassess cybersecurity Read More »

Fighting AI-powered synthetic ID fraud with AI

Artificial Intelligence, authentication, AuthenticID, biometrics, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, fraud, Hot stuff, identity, identity verification, News, opinion / SecurityTicks

Fighting AI-powered synthetic ID fraud with AI 2024-07-18 at 07:31 By Help Net Security Aided by the emergence of generative artificial intelligence models, synthetic identity fraud has skyrocketed, and now accounts for a staggering 85% of all identity fraud cases. For security professionals, the challenge lies in staying one step ahead of these evolving threats.

React to this headline:

Fighting AI-powered synthetic ID fraud with AI Read More »

Overlooked essentials: API security best practices

access control, Akto, API security, authentication, cybersecurity, Don't miss, Encryption, Features, Hot stuff, News, opinion, policy / SecurityTicks

Overlooked essentials: API security best practices 2024-07-17 at 07:31 By Mirko Zorz In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID Connect, strict HTTPS encryption, and the use of JWTs for stateless authentication. Gupta recommends role-based access control (RBAC) and

React to this headline:

Overlooked essentials: API security best practices Read More »

Using Authy? Beware of impending phishing attempts

2FA, API security, authentication, CCC, cloud security, Data leak, Don't miss, Hot stuff, MFA, News, phishing, Twilio / SecurityTicks

Using Authy? Beware of impending phishing attempts 2024-07-11 at 15:46 By Zeljka Zorz Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping attacks. What happened? On July 1, Twilio – the company that develops the

React to this headline:

Using Authy? Beware of impending phishing attempts Read More »

Google removes enrollment barrier for prospective Advanced Protection Program users

account protection, authentication, Don't miss, Google, Hot stuff, News, passwordless / SecurityTicks

Google removes enrollment barrier for prospective Advanced Protection Program users 2024-07-10 at 14:01 By Zeljka Zorz Google has removed a potential obstacle for high-risk users who want to enroll in the company’s Advanced Protection Program (APP): they can now do it just by setting a passkey. Users already enrolled in APP have been provided the

React to this headline:

Google removes enrollment barrier for prospective Advanced Protection Program users Read More »

Product showcase: Protect digital identities with Swissbit’s iShield Key Pro

authentication, Compliance, cybersecurity, Don't miss, Hot stuff, identity, News, Swissbit, Token / SecurityTicks

Product showcase: Protect digital identities with Swissbit’s iShield Key Pro 2024-07-01 at 07:01 By Help Net Security In today’s fast-paced business world, protecting digital identities and optimizing daily workflows are crucial. The iShield Key Pro series from Swissbit addresses these challenges by offering top-notch security combined with effortless usability. Let’s delve into how the iShield

React to this headline:

Product showcase: Protect digital identities with Swissbit’s iShield Key Pro Read More »

From passwords to passkeys: Enhancing security and user satisfaction

authentication, Compliance, credentials, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, passwordless, passwords, regulation, Stytch / SecurityTicks

From passwords to passkeys: Enhancing security and user satisfaction 2024-06-20 at 07:01 By Mirko Zorz In this Help Net Security interview, Julianna Lamb, Stytch CTO, discusses the advantages of passwordless authentication. Eliminating passwords reduces data breaches and improves user experience by simplifying the login process. Lamb also addresses the technical challenges and economic implications of

React to this headline:

From passwords to passkeys: Enhancing security and user satisfaction Read More »

Preparing for a post-quantum future

authentication, automation, certificates, cybersecurity, Don't miss, Encryption, Hot stuff, identity, Privacy, quantum computing, Venafi, Video / SecurityTicks

Preparing for a post-quantum future 2024-06-18 at 06:31 By Help Net Security Post-quantum cryptography (PQC) is a hot topic. A recent paper from Tsinghua University raised doubts about lattice-based cryptography for PQC, though an error was found. This has sparked questions about the strength of soon-to-be-standardized PQC algorithms. In this Help Net Security video, Kevin

React to this headline:

Preparing for a post-quantum future Read More »

The rise of SaaS security teams

Artificial Intelligence, authentication, Cloud Security Alliance, cybersecurity, data breach, Don't miss, Features, Hot stuff, Incident Response, machine learning, News, opinion, SaaS, skill development, strategy / SecurityTicks

The rise of SaaS security teams 2024-06-17 at 07:31 By Mirko Zorz In this Help Net Security interview, Hillary Baron, Senior Technical Director for Research at CSA, highlights that the recent surge in organizations establishing dedicated SaaS security teams is driven by significant data breaches involving widely used platforms. What motivated the recent surge in

React to this headline:

The rise of SaaS security teams Read More »

Identity-related incidents becoming severe, costing organizations a fortune

authentication, cybercrime, cybersecurity, identity, IDSA, News, report, social engineering, survey / SecurityTicks

Identity-related incidents becoming severe, costing organizations a fortune 2024-05-30 at 06:09 By Help Net Security With the rise of identity sprawl and system complexity, more businesses are suffering identity-related incidents than ever before, according to IDSA. Identity-related incidents in headlines Identity-related incidents continue to dominate today’s headlines. Clorox, MGM, and Caesars fell prey to social

React to this headline:

Authelia: Open-source authentication and authorization server

authentication, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, OpenSSF, software / SecurityTicks

Authelia: Open-source authentication and authorization server 2024-05-22 at 07:33 By Mirko Zorz Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to permit, deny, or redirect requests. Authelia connects directly to the reverse proxy but never to the application backends.

React to this headline:

Authelia: Open-source authentication and authorization server Read More »

Consumers continue to overestimate their ability to spot deepfakes

Artificial Intelligence, authentication, cybercrime, cybersecurity, deepfakes, fraud, generative AI, Government, identity, identity verification, Jumio, News, regulation, report / SecurityTicks

Consumers continue to overestimate their ability to spot deepfakes 2024-05-20 at 06:31 By Help Net Security The Jumio 2024 Online Identity Study reveals significant consumer concerns about the risks posed by generative AI and deepfakes, including the potential for increased cybercrime and identity fraud. The study examined the views of more than 8,000 adult consumers,

React to this headline:

Consumers continue to overestimate their ability to spot deepfakes Read More »

The importance of access controls in incident response

access control, authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, Incident Response, News, opinion, Rootly / SecurityTicks

The importance of access controls in incident response 2024-05-17 at 12:31 By Help Net Security The worst time to find out your company doesn’t have adequate access controls is when everything is on fire. The worst thing that can happen during an incident is that your development and operations teams are blocked from solving the

React to this headline:

The importance of access controls in incident response Read More »

How secure is the “Password Protection” on your files and drives?

authentication, cybersecurity, Data Protection, Don't miss, Encryption, Expert analysis, Expert corner, hardware, Hot stuff, Kingston Digital, News, opinion, passwords / SecurityTicks

How secure is the “Password Protection” on your files and drives? 2024-05-10 at 08:31 By Help Net Security People in certain professions, such as healthcare, law, and corporations, often rely on password protection when sending files via email, believing it provides adequate security against prying eyes. However, simple password protection on a PDF or Excel

React to this headline:

How secure is the “Password Protection” on your files and drives? Read More »

Triangulation fraud: The costly scam hitting online retailers

Artificial Intelligence, attacks, authentication, biometrics, cybersecurity, Don't miss, Features, fraud, Hot stuff, News, online payment, opinion, remote access, scams, Visa / SecurityTicks

Triangulation fraud: The costly scam hitting online retailers 2024-04-30 at 08:01 By Mirko Zorz In this Help Net Security interview, Mike Lemberger, Visa’s SVP, Chief Risk Officer, North America, discusses the severe financial losses resulting from triangulation fraud, estimating monthly losses to range from $660 million to $1 billion among merchants. He also highlights the

React to this headline:

Triangulation fraud: The costly scam hitting online retailers Read More »

Most people still rely on memory or pen and paper for password management

authentication, Bitwarden, cybersecurity, Don't miss, News, passwords, report, survey / SecurityTicks

Most people still rely on memory or pen and paper for password management 2024-04-26 at 08:02 By Help Net Security Bitwarden surveyed 2,400 individuals from the US, UK, Australia, France, Germany, and Japan to investigate current user password practices. The survey shows that 25% of respondents globally reuse passwords across 11-20+ accounts, and 36% admit

React to this headline:

Most people still rely on memory or pen and paper for password management Read More »

What is multi-factor authentication (MFA), and why is it important?

access management, authentication, BARR Advisory, cybersecurity, Don't miss, Hot stuff, MFA, password manager, passwords, Privacy, tips, Video / SecurityTicks

What is multi-factor authentication (MFA), and why is it important? 2024-04-23 at 06:31 By Help Net Security Setting up MFA can seem daunting for consumers just beginning to clean up their security postures. In this Help Net Security video, Larry Kinkaid, Manager, Cybersecurity Consulting at BARR Advisory, shares tips for consumers who need simple, accessible

React to this headline:

What is multi-factor authentication (MFA), and why is it important? Read More »