eBook: Biometric Authentication For Dummies
How can you be sure that someone is who they say they are, if they’re not standing in front of you? In a digital world, how can organizations be sure that an individual attempting to access online services is who they claim to be? Or that they exis.....»»
4 Okta customers hit by campaign that gave attackers super admin control
Attackers already had credentials. Now, they just needed to bypass 2FA protections. Enlarge (credit: Getty Images) Authentication service Okta said four of its customers have been hit in a recent social-engineering campa.....»»
Week in review: 11 search engines for cybersecurity research, PoC for RCE in Juniper firewall released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Adapting authentication to a cloud-centric landscape In this Help Net Security interview, Florian Forster, CEO at Zitadel, discusses the challenges.....»»
X, formerly known as Twitter, may collect your biometric data and job history
X, the social media platform formerly known as Twitter, said this week it may collect biometric and employment information from its users — expanding the range of personal information that account-holders may be exposing to the site......»»
X, formerly Twitter, to collect biometric and employment data
The social media firm, formerly Twitter, will gather facial information if premium users give consent......»»
Adapting authentication to a cloud-centric landscape
In this Help Net Security interview, Florian Forster, CEO at Zitadel, discusses the challenges CISOs face in managing authentication across increasingly distributed and remote workforces, the negative consequences of ineffective authorization, and ho.....»»
Rumor: iPhone 15 USB-C cable limited to USB 2.0 speeds, has no MFi
A new leak shows that USB-C charging cable for the iPhone 15 will transfer data at USB 2.0 speeds, and there is no MFi authentication on the cable.While recent predictions of the iPhone 15 range's expected USB-C connector have concentrated on it pot.....»»
Beyond Identity unveils The Passkey Journey to aid enterprise passkey deployment decisions
Beyond Identity has launched The Passkey Journey – a free, GDPR-compliant tool built to help development and user experience (UX) teams understand, plan, and optimize different end user authentication experiences. The tool solves key challenges aro.....»»
Apple planning Face ID for MacBook Pro and iMac
Apple intends to bring the Face ID biometric authentication system introduced with the iPhone, to its Mac range, including both portables and desktops.We've now got the notch at the top of the screen, but Apple wants to embed a Face ID sensor thereJu.....»»
Building a secure future without traditional passwords
As organizations try to fortify their defenses against an increasingly sophisticated threat landscape, traditional password-based systems reveal their limitations. This is where passwordless authentication steps in – a concept that simplifies acces.....»»
WhatsApp working to implement new security layer with passkey
If you’re a WhatsApp user, there are different ways to protect your account – such as using a traditional password and two-factor authentication. And soon, users will have another option to secure their account, as WhatsApp has been working to im.....»»
MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)
A privilege escalation vulnerability (CVE-2023-30799) could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines. While exploting it does require authentication, acquiring credentials to access the rout.....»»
Amazon’s palm authentication tech is coming to every Whole Foods in the U.S.
Amazon’s palm recognition technology has been rolling out at a number of businesses over the last year or so, but one Amazon actually owns wasn’t … The post Amazon’s palm authentication tech is coming to every Whole Foods in t.....»»
eBook: 9 Ways to Secure Your Cloud App Dev Pipeline
Improve your cloud security with these 9 proven strategies. Uptycs, alongside renowned expert Lee Atchison, share their list of comprehensive tactics to mitigate risks facing modern development teams. To address these emerging risks, Uptycs has creat.....»»
WatchGuard expands identity protection capabilities with AuthPoint Total Identity Security
WatchGuard Technologies has unveiled AuthPoint Total Identity Security, a comprehensive bundle that combines the AuthPoint multi-factor authentication (MFA) with dark web credential monitoring capabilities and a corporate password manager. The introd.....»»
Chinese hackers forged authentication tokens to breach government emails
Sophisticated hackers have accessed email accounts of organizations and government agencies via authentication tokens they forged by using an acquired Microsoft account (MSA) consumer signing key, the company has revealed on Tuesday. “The threa.....»»
Overcoming user resistance to passwordless authentication
Many organizations agree in theory that passwordless authentication is the future, but getting there represents a significant change management challenge. The migration to passwordless requires forethought and planning. For example, an organization n.....»»
Cybercriminals can break voice authentication with 99% success rate
Computer scientists at the University of Waterloo have discovered a method of attack that can successfully bypass voice authentication security systems with up to a 99% success rate after only six tries. Experts expose flaws in voiceprint technology.....»»
How to automatically delete two-factor authentication codes in iOS 17
The Messages and Mail apps on iOS can quickly become cluttered with SMS codes for two-factor authentication, but iOS 17 can automatically delete them. Here's where to find it.SMS codes in Messages and MailSMS two-factor authentication (SMS 2FA) is a.....»»
PoC for Arcserve UDP authentication bypass flaw published (CVE-2023-26258)
An authentication bypass vulnerability (CVE-2023-26258) in the Arcserve Unified Data Protection (UDP) enterprise data protection solution can be exploited to compromise admin accounts and take over vulnerable instances, MDSec researchers Juan Manuel.....»»
Here’s how Apple Vision Pro ‘Guest Mode’ will work when you let your friends wear your $3500 headset
When Apple announced Vision Pro earlier this month, the company also showed off a new authentication technology called Optic ID, based on the irises of the users wearing the device. But what if someone wants to try out your Apple Vision Pro or if yo.....»»