authentication

Short-term AWS access tokens allow attackers to linger for a longer while

access management, Amazon Web Services, authentication, cloud security, Don't miss, Hot stuff, News, Red Canary /

Short-term AWS access tokens allow attackers to linger for a longer while 07/12/2023 at 17:32 By Zeljka Zorz Attackers usually gain access to an organization’s cloud assets by leveraging compromised user access tokens obtained via phishing, by using malware, or by finding them in public code repositories. These are long-term access tokens associated with an […]

React to this headline:

Loading spinner

Short-term AWS access tokens allow attackers to linger for a longer while Read More »

Keyless Goes Independent, Raises $6M for Biometric Authentication

authentication, biometrics, Compliance, Fraud & Identity Theft, Funding/M&A, Identity & Access, Keyless, passwordless, Sift /

Keyless Goes Independent, Raises $6M for Biometric Authentication 29/11/2023 at 19:01 By Ryan Naraine British startup building biometric authentication technology has snagged $6 million in a new round of funding led by Rialto Ventures. The post Keyless Goes Independent, Raises $6M for Biometric Authentication appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Keyless Goes Independent, Raises $6M for Biometric Authentication Read More »

Okta breach: Hackers stole info on ALL customer support users

authentication, data breach, Don't miss, Hot stuff, News, Okta, phishing, privileged identity, social engineering /

Okta breach: Hackers stole info on ALL customer support users 29/11/2023 at 14:16 By Zeljka Zorz The scope of the recent breach of the Okta customer support system is much wider than initially established, the company has admitted on Tuesday: the attackers downloaded a report that contained the names and email addresses of all Okta

React to this headline:

Loading spinner

Okta breach: Hackers stole info on ALL customer support users Read More »

Strategies for cultivating a supportive culture in zero-trust adoption

authentication, automation, CIO, CISA, Cisco, CISO, cybersecurity, Don't miss, Features, Hot stuff, identity, News, NIST, opinion, SOAR, strategy, zero trust /

Strategies for cultivating a supportive culture in zero-trust adoption 29/11/2023 at 08:01 By Mirko Zorz In this Help Net Security interview, Wolfgang Goerlich, Advisory CISO at Cisco, discusses the benefits of implementing a mature zero-trust model for both security and business outcomes, revealing a decrease in reported security incidents and enhanced adaptability. Goerlich emphasizes the

React to this headline:

Loading spinner

Strategies for cultivating a supportive culture in zero-trust adoption Read More »

How passkeys are reshaping user security and convenience

1Password, authentication, CISO, cybersecurity, Don't miss, Features, Hot stuff, MFA, News, opinion, passwordless, passwords, strategy, tips /

How passkeys are reshaping user security and convenience 28/11/2023 at 08:34 By Mirko Zorz In this Help Net Security interview, Anna Pobletts, Head of Passwordless at 1Password, talks about passkey adoption and its acceleration in 2024. This trend is particularly notable among highly-regulated services like fintech and banking, where users seek a sign-in experience that

React to this headline:

Loading spinner

How passkeys are reshaping user security and convenience Read More »

The new imperative in API security strategy

access control, API security, authentication, cybersecurity, News, report, SSO, survey, Wallarm /

The new imperative in API security strategy 16/11/2023 at 07:01 By Help Net Security Of the 239 vulnerabilities, 33% (79 out of 239) were associated with authentication, authorization and access control (AAA) — foundational pillars of API security, according to Wallarm. Prioritizing AAA principles Open authentication (OAuth), single-sign on (SSO) and JSON Web Token (JWT),

React to this headline:

Loading spinner

The new imperative in API security strategy Read More »

How global password practices are changing

authentication, CISO, credentials, cybersecurity, Dashlane, Don't miss, MFA, News, password manager, passwords, report /

How global password practices are changing 06/11/2023 at 09:33 By Help Net Security Password health and hygiene improved globally over the past year, reducing the risk of account takeover for consumers and businesses, according to Dashlane. Password reuse remains prevalent, however, leaving user accounts particularly vulnerable to password-spraying attacks if they’re not protected by strong

React to this headline:

Loading spinner

How global password practices are changing Read More »

A closer look at healthcare’s battle with AI-driven attacks

access control, Artificial Intelligence, attacks, authentication, biometrics, cybercrime, cybersecurity, data breach, deepfakes, Don't miss, FBI, Features, fraud, healthcare, Hot stuff, medical devices, MFA, Moss Adams, News, opinion, Privacy, Ransomware /

A closer look at healthcare’s battle with AI-driven attacks 31/10/2023 at 08:02 By Mirko Zorz With its wealth of sensitive patient data, the healthcare industry has become a prime target for cybercriminals leveraging AI tools. As these threats continue to evolve, it’s important to understand how AI is shaping the cybercrime landscape in healthcare and

React to this headline:

Loading spinner

A closer look at healthcare’s battle with AI-driven attacks Read More »

The dangers of dual ransomware attacks

attacks, authentication, backup, CIO, CISO, Cohesity, collaboration, cybersecurity, data management, data security, digital forensics, disaster recovery, Don't miss, Expert analysis, Expert corner, Hot stuff, Incident Response, News, opinion, Ransomware /

The dangers of dual ransomware attacks 30/10/2023 at 09:32 By Help Net Security At some point in the movie “Groundhog Day,” Phil Connors breaks his bedside radio when he is woken up (yet again) by the song “I Got You Babe”. This déjà vu seems to await companies that fall victim to ransomware and fail

React to this headline:

Loading spinner

The dangers of dual ransomware attacks Read More »

1Password also affected by Okta Support System breach

1Password, authentication, BeyondTrust, CISO, Cloudflare, cybersecurity, Don't miss, Hot stuff, identity protection, News, Okta, privileged identity /

1Password also affected by Okta Support System breach 24/10/2023 at 13:50 By Zeljka Zorz Following in the footsteps of BeyondTrust and CloudFlare, 1Password has revealed that it has been affected by the Okta Support System breach. “On September 29, we detected suspicious activity on our Okta instance that we use to manage our employee-facing apps,”

React to this headline:

Loading spinner

1Password also affected by Okta Support System breach Read More »

How passkeys are changing the face of authentication

1Kosmos, authentication, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, MFA, News, opinion, passwordless /

How passkeys are changing the face of authentication 23/10/2023 at 08:05 By Help Net Security As passwordless identity becomes mainstream, the term “passkey” is quickly becoming a new buzzword in cybersecurity. But what exactly is a passkey and why do we need them? A passkey is a digital credential that can only be used by

React to this headline:

Loading spinner

How passkeys are changing the face of authentication Read More »

Legacy authentication leads to growing consumer frustration

apple, authentication, biometrics, FIDO Alliance, generative AI, Google, News, passwordless, passwords, PayPal, report, scams, survey /

Legacy authentication leads to growing consumer frustration 20/10/2023 at 07:31 By Help Net Security Despite widespread usage of passwords lingering on, consumers want to use stronger, more user-friendly alternatives, according to FIDO Alliance. Entering a password manually without any form of additional authentication was the most commonly used authentication method across the use cases tracked

React to this headline:

Loading spinner

Legacy authentication leads to growing consumer frustration Read More »

Valve introduces SMS-based confirmation to prevent malicious games on Steam

authentication, Don't miss, ESET, Hot stuff, MFA, News, security update, software development, Steam /

Valve introduces SMS-based confirmation to prevent malicious games on Steam 17/10/2023 at 16:32 By Helga Labus Video game publisher/digital distribution company Valve is forcing developers who publish games on its Steam platform to “validate” new builds with a confirmation code received via SMS. The Steam SMS confirmation requirement Valve sent out notices last month to

React to this headline:

Loading spinner

Valve introduces SMS-based confirmation to prevent malicious games on Steam Read More »

Anticipating the benefits of a passwordless tomorrow

authentication, cybersecurity, FIDO Alliance, LastPass, MFA, News, password manager, passwordless, passwords, report, shadow IT, survey /

Anticipating the benefits of a passwordless tomorrow 17/10/2023 at 06:02 By Help Net Security Businesses are actively moving to eradicate passwords from employees’ lives, with 89% of IT leaders expecting passwords to represent less than a quarter of their organization’s logins within five years or less, according to a FIDO Alliance and LastPass report. Moving

React to this headline:

Loading spinner

Anticipating the benefits of a passwordless tomorrow Read More »

Microsoft Improving Windows Authentication, Disabling NTLM

authentication, Identity & Access, Kerberos, Microsoft, NTLM /

Microsoft Improving Windows Authentication, Disabling NTLM 16/10/2023 at 15:33 By Ionut Arghire Microsoft is adding new features to the Kerberos protocol, to eliminate the use of NTLM for Windows authentication. The post Microsoft Improving Windows Authentication, Disabling NTLM appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Microsoft Improving Windows Authentication, Disabling NTLM Read More »

Selective disclosure in the identity wallet: How users share the data that is really needed

authentication, cyberattack, cybersecurity, data, Data leak, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, IDnow, News, opinion, Privacy /

Selective disclosure in the identity wallet: How users share the data that is really needed 09/10/2023 at 07:46 By Help Net Security Name, date of birth, address, email address, passwords, tax records, or payroll – all this sensitive user data is stored by companies in huge databases to identify individuals for digital services. Although companies

React to this headline:

Loading spinner

Selective disclosure in the identity wallet: How users share the data that is really needed Read More »

Never use your master password as a password on other accounts

authentication, credentials, Don't miss, Hot stuff, News, password manager, passwords, survey /

Never use your master password as a password on other accounts 19/09/2023 at 08:33 By Helga Labus One in three Americans now use password managers, up from one in five in 2022, according to an online poll by Security.org that quizzed 1,051 American adults on how they use passwords and password managers. How users choose

React to this headline:

Loading spinner

Never use your master password as a password on other accounts Read More »

Modernizing fraud prevention with machine learning

authentication, biometrics, cybersecurity, Don't miss, Experian, Expert analysis, Expert corner, fraud, Hot stuff, identity, identity theft, machine learning, News, opinion, Privacy /

Modernizing fraud prevention with machine learning 15/09/2023 at 08:33 By Help Net Security The number of digital transactions has skyrocketed. As consumers continue to spend and interact online, they have growing expectations for security and identity verification. As fraudsters become savvier and more opportunistic, there’s an increased need for businesses to protect customers from fraud

React to this headline:

Loading spinner

Modernizing fraud prevention with machine learning Read More »

Enterprises persist with outdated authentication strategies

attacks, authentication, cybercriminals, cybersecurity, dark web, Don't miss, Enzoic, MFA, News, password management, passwordless, passwords, policy, report, strategy, vulnerability assessment /

Enterprises persist with outdated authentication strategies 15/09/2023 at 07:33 By Help Net Security Despite authentication being a cornerstone of cybersecurity, risk mitigation strategies remain outdated, according to new research from Enzoic. With the attack surface expanding and the increasing sophistication of cyber threats, organizations are struggling to deliver secure and user-friendly authentication. The research uncovered

React to this headline:

Loading spinner

Enterprises persist with outdated authentication strategies Read More »

Avoidable digital certificate issues fuel data breaches

access management, AppViewX, authentication, certificates, cybersecurity, data breach, Forrester Consulting, identity management, News, report, survey, zero trust /

Avoidable digital certificate issues fuel data breaches 06/09/2023 at 06:02 By Help Net Security Among organizations that have suffered data breaches 58% were caused by issues related to digital certificates, according to a report by AppViewX and Forrester Consulting. As a result of service outages, 57% said their organizations have incurred costs upwards of $100,000

React to this headline:

Loading spinner

Avoidable digital certificate issues fuel data breaches Read More »

Scroll to Top