eBook: Biometric Authentication For Dummies
How can you be sure that someone is who they say they are, if they’re not standing in front of you? In a digital world, how can organizations be sure that an individual attempting to access online services is who they claim to be? Or that they exis.....»»
Future Apple Vision Pro brainwave sensors could improve mental and physical health
Apple is working on technology that could turn the Apple Vision Pro into a brainwave reader to improve mental health, assist with training and workouts, and help with mindfulness.Any number of sensors, including brainwave and biometric, could be part.....»»
Portnox Conditional Access for Applications improves data security for organizations
Portnox introduced its Conditional Access for Applications solution. Available as part of the Portnox Cloud platform, Conditional Access for Applications delivers easy-to-implement passwordless authentication, endpoint risk posture assessment, and au.....»»
Here’s how to protect against ‘GoldPickaxe’, the first iPhone trojan [U]
An Android trojan called GoldDigger surfaced last year that can steal biometric data and more from victims to compromise their bank accounts. Now the threat has evolved into the GoldPickaxe trojan that can infect iOS and Android. Fortunately, there a.....»»
Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)
Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which (CVE-2024-20337) could be exploited by unauthenticated, remote attackers to grab users’ valid SAML a.....»»
Hundreds of orgs targeted with emails aimed at stealing NTLM authentication hashes
A threat actor specializing in establishing initial access to target organizations’ computer systems and networks is using booby-trapped email attachments to steal employees’ NTLM hashes. Why are they after NTLM hashes? NT LAN Manager (NT.....»»
Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)
The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, CVE-2024-1708 for the path traversal flaw. ConnectWise has also released a ne.....»»
VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250)
VMware Enhanced Authentication Plug-in (EAP), a plugin for VMware vSphere, has two vulnerabilities (CVE-2024-22245, CVE-2024-22250) that could be exploited by attackers to mount authentication relay and session hijack attacks. The vulnerabilities hav.....»»
Here’s how to protect against ‘GoldPickaxe’, the first iPhone trojan
An Android trojan called GoldDigger surfaced last year that can steal biometric data and more from victims to compromise their bank accounts. Now the threat has evolved into the GoldPickaxe trojan that can infect iOS and Android. Fortunately, there a.....»»
Gmail & Yahoo DMARC rollout: When cyber compliance gives a competitive edge
The essence of cybersecurity is not just about defense but enabling business through trust and reliability. As Gmail and Yahoo take steps to enforce stricter email authentication, organizations that are proactive in their DMARC compliance will not on.....»»
Bitwarden adds event logs and self-hosting capabilities to its Passwordless.dev toolkit
Bitwarden strengthened its Passwordless.dev enterprise plan with event logs and self-hosting options. These features empower organizations with greater transparency when moving to passwordless authentication and enable developers to build workforce p.....»»
How AI is revolutionizing identity fraud
Nearly half of businesses reported a growth in synthetic identity fraud, while biometric spoofs and counterfeit ID fraud attempts also increased, according to AuthenticID. Consumers and businesses alike are facing new challenges in today’s digital.....»»
Entrust in final talks to acquire Onfido
Entrust has entered into exclusive discussions to acquire Onfido. With this contemplated acquisition, Entrust would add a compliant AI/ML-based biometric and document IDV tech stack to its portfolio of identity solutions. Additionally, Entrust would.....»»
On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917)
JetBrains has patched a critical authentication bypass vulnerability (CVE-2024-23917) affecting TeamCity On-Premises continuous integration and deployment servers. About CVE-2024-23917 CVE-2024-23917 could allow an unauthenticated threat actor with H.....»»
You can reset the Apple Vision Pro passcode in visionOS 1.1 beta
The first developer beta of visionOS 1.1 solves an unexpectedly pressing issue for some Apple Vision Pro users, as it allows users to reset their headset's passcode.Optic ID is the main authentication system in visionOS, but passcodes also exist. Own.....»»
How to get started using Optic ID for Apple Vision Pro
The Apple Vision Pro uses Optic ID as biometric authentication for payments and certain visionOS actions. Here's how it works, and how to use it.An Apple graphic representing Optic IDApple's biometric security processes has evolved over the years, st.....»»
Death Stranding 2 gets a title, release window, and a bonkers new trailer
Death Stranding 2: On the Beach just got an absolutely wild new trailer full of guitar swords and sentient dummies......»»
Longer passwords aren’t safe from intensive cracking efforts
88% of organizations still use passwords as their primary method of authentication, according to Specops Software. The report found that 31.1 million breached passwords had over 16 characters, showing longer passwords aren’t safe from being cracked.....»»
1Kosmos BlockID 1Key secures users in restricted environments
1Kosmos announced BlockID 1Key, a biometric security key to provide a phishing-resistant passwordless multi-factor authentication option for Sensitive Compartmented Information Facilities (SCIF), manufacturing clean rooms, customer help desks, higher.....»»
X rolling out passkeys support for iOS users after removing SMS as 2FA option
X (formerly known as Twitter) last year announced that it would no longer support SMS as a two-factor authentication (2FA) method for users who are not X Premium subscribers. Luckily for users, the platform is now rolling out support for passkeys in.....»»
Users Clamor for Return of Physical Fingerprint Readers
The biometric hierarchy for unlocking your smartphone appears to be the following: Physical fingerprint reader, ultrasonic fingerprint reader, optical fingerprint reader, and then below those everything else. At least, that’s what users on the.....»»