Social data puts user passwords at risk in unexpected ways 2025-11-28 at 09:08 By Anamarija Pogorelec Many CISOs already assume that social media creates new openings for password guessing, but new research helps show what that risk looks like in practice. The findings reveal how much information can be reconstructed from public profiles and how […]
Social data puts user passwords at risk in unexpected ways Read More »
Why password management defines PCI DSS success 2025-11-28 at 08:03 By Sinisa Markovic Most CISOs spend their days dealing with noisy dashboards and vendor pitches that all promise a shortcut to compliance. It can be overwhelming to sort out what matters. When you dig into real incidents involving payment data, a surprising number come down to
Why password management defines PCI DSS success Read More »
The identity mess your customers feel before you do 2025-11-27 at 07:55 By Anamarija Pogorelec Customer identity has become one of the most brittle parts of the enterprise security stack. Teams know authentication matters, but organizations keep using methods that frustrate users and increase risk. New research from Descope shows how companies manage customer identity
The identity mess your customers feel before you do Read More »
Research shows identity document checks are missing key signals 2025-11-21 at 10:06 By Anamarija Pogorelec Most CISOs spend their time thinking about account takeover and phishing, but identity document fraud is becoming a tougher challenge. A new systematic review shows how attackers are pushing past old defenses and how detection models are struggling to keep
Research shows identity document checks are missing key signals Read More »
Is your password manager truly GDPR compliant? 2025-11-20 at 08:34 By Sinisa Markovic Passwords sit at the core of every critical system, but many organizations still overlook how fragile their password workflows can be. When something goes wrong, security teams rush to uncover who had access, how those passwords were stored and whether sensitive data
Is your password manager truly GDPR compliant? Read More »
Product showcase: Proton Pass, a password manager with identity protection 2025-11-19 at 07:02 By Help Net Security Managing passwords can be a real headache, and it’s still common to fall back on reusing them or storing them in a browser without much protection. Proton Pass, built by the Swiss company Proton AG (the team behind
Product showcase: Proton Pass, a password manager with identity protection Read More »
Wi-Fi signals may hold the key to touchless access control 2025-11-10 at 09:00 By Mirko Zorz Imagine walking into a secure building where the door unlocks the moment your hand hovers near it. No keycards, no PINs, no fingerprints. Instead, the system identifies you by the way your palm distorts the surrounding Wi-Fi signal. That
Wi-Fi signals may hold the key to touchless access control Read More »
Passwordless adoption moves from hype to habit 2025-10-31 at 08:00 By Anamarija Pogorelec With the average person juggling more than 300 credentials and credential abuse still the top attack vector, the password’s decline is long overdue. Across every major sector, organizations are changing how users log in, and new data shows the shift is picking
Passwordless adoption moves from hype to habit Read More »
WhatsApp now lets you secure chat backups with passkeys 2025-10-30 at 15:46 By Anamarija Pogorelec Messaging service WhatsApp is launching passkey-encrypted chat backups for iOS and Android, allowing users to encrypt their stored message history using their face, fingerprint, or device screen-lock code. Backups have long been a weak link in messaging-security. Even if chats
WhatsApp now lets you secure chat backups with passkeys Read More »
Can your earbuds recognize you? Researchers are working on it 2025-10-27 at 09:05 By Mirko Zorz Biometric authentication has moved from fingerprints to voices to facial scans, but a team of researchers believes the next step could be inside the ear. New research explores how the ear canal’s unique acoustic properties can be used to
Can your earbuds recognize you? Researchers are working on it Read More »
The password problem we keep pretending to fix 2025-10-16 at 07:15 By Anamarija Pogorelec Experts across industries say they are still losing ground against identity-related breaches, even after years of investment in stronger access controls, according to RSA. Many said their organizations had faced at least one identity-related breach in recent years, and most of
The password problem we keep pretending to fix Read More »
Behind the screens: Building security customers appreciate 2025-10-09 at 08:03 By Mirko Zorz In this Help Net Security interview, Jess Vachon, CISO at PRA Group, discusses the company’s multi-layered defense against fraud and its commitment to protecting customer trust. Vachon explains how PRA Group balances identity verification with a seamless customer experience. Vachon also reflects
Behind the screens: Building security customers appreciate Read More »
Old authentication habits die hard 2025-10-06 at 07:48 By Anamarija Pogorelec Many organizations still rely on weak authentication methods while workers’ personal habits create additional risks, according to Yubico. Training and policy gaps 40% of employees said they have never received cybersecurity training. Even among those who have, the guidance is often outdated because many
Old authentication habits die hard Read More »
GitHub Boosting Security in Response to NPM Supply Chain Attacks 2025-09-24 at 13:18 By Ionut Arghire GitHub will implement local publishing with mandatory 2FA, granular tokens that expire after seven days, and trusted publishing. The post GitHub Boosting Security in Response to NPM Supply Chain Attacks appeared first on SecurityWeek. This article is an excerpt
GitHub Boosting Security in Response to NPM Supply Chain Attacks Read More »
Scalekit Raises $5.5 Million to Secure AI Agent Authentication 2025-09-17 at 15:03 By Ionut Arghire The startup provides an authentication stack that secures both incoming authentication and outgoing agent actions. The post Scalekit Raises $5.5 Million to Secure AI Agent Authentication appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Scalekit Raises $5.5 Million to Secure AI Agent Authentication Read More »
Password crisis in healthcare: Meeting and exceeding HIPAA requirements 2025-08-20 at 19:25 By Help Net Security In 2025, healthcare organizations are facing a new wave of password security risks. Recent data from the HIMSS Cybersecurity Survey reveals that 74% experienced at least one significant security incident over the last year. More than half of responders
Password crisis in healthcare: Meeting and exceeding HIPAA requirements Read More »
New NIST guide explains how to detect morphed images 2025-08-18 at 18:00 By Sinisa Markovic Face morphing software can blend two people’s photos into one image, making it possible for someone to fool identity checks at buildings, airports, borders, and other secure places. These morphed images can trick face recognition systems into linking the photo
New NIST guide explains how to detect morphed images Read More »
NIST finalizes lightweight cryptography standard for small devices 2025-08-13 at 17:24 By Anamarija Pogorelec The National Institute of Standards and Technology (NIST) has finalized a lightweight cryptography standard to protect even the smallest networked devices from cyberattacks. Published as Ascon-Based Lightweight Cryptography Standards for Constrained Devices (NIST Special Publication 800-232), the standard offers tools for
NIST finalizes lightweight cryptography standard for small devices Read More »
1Kosmos Raises $57 Million for Identity Verification and Authentication Platform 2025-08-12 at 16:11 By Eduard Kovacs 1Kosmos has raised $57 million in Series B funding, which brings the total raised by the company to $72 million. The post 1Kosmos Raises $57 Million for Identity Verification and Authentication Platform appeared first on SecurityWeek. This article is
1Kosmos Raises $57 Million for Identity Verification and Authentication Platform Read More »
From legacy to SaaS: Why complexity is the enemy of enterprise security 2025-08-11 at 08:32 By Mirko Zorz In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the way organizations approach security. He explains why finding the right balance
From legacy to SaaS: Why complexity is the enemy of enterprise security Read More »