authentication

TruffleHog: Open-source solution for scanning secrets

authentication, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, scanning, software /

TruffleHog: Open-source solution for scanning secrets 2024-02-21 at 07:31 By Mirko Zorz TruffleHog is an open-source scanner that identifies and addresses exposed secrets throughout your entire technology stack. “TruffleHog was originally a research tool I independently authored in 2016. When I published it, no tools were scanning Git revision history for secrets. My hunch was […]

React to this headline:

Loading spinner

TruffleHog: Open-source solution for scanning secrets Read More »

How decentralized identity is shaping the future of data protection

authentication, cybersecurity, digital wallet, Don't miss, Features, Hot stuff, identity, identity management, News, opinion, Ping Identity, Privacy, standards /

How decentralized identity is shaping the future of data protection 2024-02-20 at 07:32 By Mirko Zorz In this Help Net Security interview, Patrick Harding, Chief Architect at Ping Identity, discusses the promises and implications of decentralized identity (DCI) in cybersecurity. By redistributing identity management responsibilities among issuers, holders, and verifiers, DCI empowers individuals to selectively

React to this headline:

Loading spinner

How decentralized identity is shaping the future of data protection Read More »

Why identity fraud costs organizations millions

authentication, cybersecurity, dark web, deepfakes, Don't miss, Hot stuff, HYPR, identity, social engineering, Video /

Why identity fraud costs organizations millions 2024-02-20 at 07:01 By Help Net Security 92% of respondents to a recent report shared that their organization had been a victim of identity fraud, costing an average of $4.3 million over the last 12 months. Even so, only 40% stated identity verification as a top identity challenge, noting

React to this headline:

Loading spinner

Why identity fraud costs organizations millions Read More »

Gmail & Yahoo DMARC rollout: When cyber compliance gives a competitive edge

authentication, Compliance, cybersecurity, Don't miss, EasyDMARC, Email, Expert analysis, Expert corner, Gmail, Hot stuff, News, opinion, standards, Yahoo /

Gmail & Yahoo DMARC rollout: When cyber compliance gives a competitive edge 2024-02-16 at 08:01 By Help Net Security The essence of cybersecurity is not just about defense but enabling business through trust and reliability. As Gmail and Yahoo take steps to enforce stricter email authentication, organizations that are proactive in their DMARC compliance will

React to this headline:

Loading spinner

Gmail & Yahoo DMARC rollout: When cyber compliance gives a competitive edge Read More »

Zero trust implementation: Plan, then execute, one step at a time

access management, authentication, Don't miss, Hot stuff, News, strategy, tips, zero trust /

Zero trust implementation: Plan, then execute, one step at a time 2024-02-01 at 08:02 By Helga Labus 82% of cybersecurity professionals have been working on implementing zero trust last year, and 16% should be on it by the end of this year. The challenges of zero trust implementation You’ve probably heard it before: zero trust

React to this headline:

Loading spinner

Zero trust implementation: Plan, then execute, one step at a time Read More »

Great security or great UX? Both, please

authentication, biometrics, cybersecurity, Don't miss, Expert analysis, Frontegg, Hot stuff, News, opinion, passwords, SaaS /

Great security or great UX? Both, please 2024-01-30 at 08:02 By Help Net Security A new user is signing up for a SaaS application. On the one hand, UX teams want that user to get into the app as quickly as possible. On the other hand, security teams want the user to strongly validate their

React to this headline:

Loading spinner

Great security or great UX? Both, please Read More »

Attackers can steal NTLM password hashes via calendar invites

authentication, Don't miss, enterprise, Hot stuff, News, Outlook, passwords, SMBs, Varonis, vulnerability, Windows /

Attackers can steal NTLM password hashes via calendar invites 2024-01-22 at 15:46 By Zeljka Zorz A recently patched vulnerability in Microsoft Outlook (CVE-2023-35636) that can be used by attackers to steal users’ NTLM v2 hashes can be exploited by adding two headers to an email carrying a specially crafted file, security researcher Dolev Taler has

React to this headline:

Loading spinner

Attackers can steal NTLM password hashes via calendar invites Read More »

Out with the old and in with the improved: MFA needs a revamp

Acronis, authentication, cybercriminals, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, human error, MFA, News, opinion, phishing, zero trust /

Out with the old and in with the improved: MFA needs a revamp 2024-01-19 at 08:02 By Help Net Security From AI to ZTA (zero-trust architecture), the technology responsible for protecting your company’s data has evolved immensely. Despite the advances, cybercriminals repeatedly find new and creative ways to gain access to sensitive information. This can

React to this headline:

Loading spinner

Out with the old and in with the improved: MFA needs a revamp Read More »

Digital nomads amplify identity fraud risks

authentication, cybersecurity, fraud, identity verification, News, Regula, report, survey /

Digital nomads amplify identity fraud risks 2024-01-19 at 06:31 By Help Net Security The number of foreign document verification cases in all parts of the world has grown by an average of 21% since the summer of 2021, according to Regula. It’s even higher in the US and UAE: these countries are experiencing a 25%

React to this headline:

Loading spinner

Digital nomads amplify identity fraud risks Read More »

Security considerations during layoffs: Advice from an MSSP

access management, authentication, cybersecurity, data security, DirectDefense, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, tips /

Security considerations during layoffs: Advice from an MSSP 2024-01-17 at 08:01 By Help Net Security Navigating layoffs is complex and difficult for many reasons. Not only do human resources and direct managers bear the onus of responsibility when conducting exit conversations, but security teams should also make the necessary preparations for monitoring anomalies in employee

React to this headline:

Loading spinner

Security considerations during layoffs: Advice from an MSSP Read More »

3 ways to combat rising OAuth SaaS attacks

access control, Adaptive Shield, attacks, authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, monitoring, News, OAuth, opinion, SaaS /

3 ways to combat rising OAuth SaaS attacks 2024-01-16 at 07:31 By Help Net Security OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine cryptocurrency, establish persistence following business email compromise and launch spam activity using the

React to this headline:

Loading spinner

3 ways to combat rising OAuth SaaS attacks Read More »

Understanding zero-trust design philosophy and principles

authentication, Bloomberg, cybersecurity, Don't miss, Features, Hot stuff, identity management, News, opinion, SSO, standards, zero trust /

Understanding zero-trust design philosophy and principles 2024-01-09 at 07:32 By Mirko Zorz In this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security professionals and companies, emphasizing its broad design philosophy. Vachon explores challenges in implementing zero trust,

React to this headline:

Loading spinner

Understanding zero-trust design philosophy and principles Read More »

Breaking down the state of authentication

authentication, Axiad, cyberattack, cybersecurity, Don't miss, Hot stuff, MFA, passwordless, passwords, phishing, strategy, Video /

Breaking down the state of authentication 2024-01-05 at 07:02 By Help Net Security In this Help Net Security video, Bassam Al-Khalidi, co-CEO of Axiad, discusses the results of Axiad’s recent State of Authentication Survey. Key findings from the survey revealed: – 39% indicated phishing is the most feared cyberattack, while 49% said it is the

React to this headline:

Loading spinner

Breaking down the state of authentication Read More »

Cybersecurity challenges emerge in the wake of API expansion

API security, Artificial Intelligence, authentication, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, strategy, Treblle /

Cybersecurity challenges emerge in the wake of API expansion 2024-01-03 at 08:01 By Mirko Zorz In this Help Net Security interview, Vedran Cindric, CEO at Treblle, discusses the exponential growth of AI-related APIs, citing a 96% increase in 2023. He sheds light on the integral role APIs play in powering AI interactions, revealing the invisible

React to this headline:

Loading spinner

Cybersecurity challenges emerge in the wake of API expansion Read More »

Wi-Fi 7’s mission-critical role in enterprise, industrial networking

Artificial Intelligence, authentication, cybersecurity, Don't miss, Features, Hot stuff, IoT, network, News, opinion, wireless, Wireless Broadband Alliance /

Wi-Fi 7’s mission-critical role in enterprise, industrial networking 2024-01-02 at 06:31 By Mirko Zorz As we transition from Wi-Fi 6 to the more advanced Wi-Fi 7, we uncover the significant enhancements in speed, efficiency, and spectrum usage that set it apart from its predecessors. In this Help Net Security interview, Tiago Rodrigues, CEO at Wireless

React to this headline:

Loading spinner

Wi-Fi 7’s mission-critical role in enterprise, industrial networking Read More »

Why you need to extend enterprise IT security to the mainframe

access management, authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity management, mainframe security, MFA, News, OpenText, opinion, standards /

Why you need to extend enterprise IT security to the mainframe 2023-12-29 at 07:32 By Help Net Security Organizations with mainframes face a unique challenge: extending consistency across the entire enterprise, including mainframe environments. The ongoing issue lies in the incompatibility of tools designed for both mainframes and enterprise settings, resulting in disparate solutions, training

React to this headline:

Loading spinner

Why you need to extend enterprise IT security to the mainframe Read More »

3 main tactics attackers use to bypass MFA

authentication, cybercrime, cybersecurity, MFA, News, report, SE Labs, survey /

3 main tactics attackers use to bypass MFA 2023-12-26 at 07:09 By Help Net Security Notable security breaches have bypassed MFA to compromise taxi broker Uber, games company EA, and authentication business Okta, according to SE Labs. CISOs must bolster MFA protections SE Labs advised CISOs to step-up their efforts against attacks on systems protected

React to this headline:

Loading spinner

3 main tactics attackers use to bypass MFA Read More »

A closer look at LATMA, the open-source lateral movement detection tool

authentication, cybersecurity, Don't miss, Hot stuff, open source, Silverfort, Video /

A closer look at LATMA, the open-source lateral movement detection tool 13/12/2023 at 08:01 By Help Net Security In this Help Net Security video, Gal Sadeh, Head of Data and Security Research at Silverfort, discusses LATMA, a free, open-source tool. It’s engineered with advanced algorithms to track and report any unusual activity within an environment.

React to this headline:

Loading spinner

A closer look at LATMA, the open-source lateral movement detection tool Read More »

Many popular websites still cling to password creation policies from 1985

authentication, Don't miss, Hot stuff, News, passwords, policy, research, trends /

Many popular websites still cling to password creation policies from 1985 12/12/2023 at 09:01 By Helga Labus A significant number of popular websites still allow users to choose weak or even single-character passwords, researchers at Georgia Institute of Technology have found. Websites’ lax creation policies for passwords The researchers used an automated account creation method

React to this headline:

Loading spinner

Many popular websites still cling to password creation policies from 1985 Read More »

eIDAS: EU’s internet reforms will undermine a decade of advances in online security

authentication, certificates, cybersecurity, Don't miss, EU, Expert analysis, Expert corner, framework, hide.me, Hot stuff, News, opinion, Privacy, regulation /

eIDAS: EU’s internet reforms will undermine a decade of advances in online security 12/12/2023 at 08:32 By Help Net Security The European Union’s attempt to reform its electronic identification and trust services – a package of laws better known as eIDAS 2.0 – contains legislation that poses a grave threat to online privacy and security.

React to this headline:

Loading spinner

eIDAS: EU’s internet reforms will undermine a decade of advances in online security Read More »

Scroll to Top