SecureAuth Arculix strengthens passwordless authentication for enterprises
SecureAuth unveiled the launch of Arculix, a platform that combines orchestration, passwordless technology, and continuous authentication. The next generation platform has the flexibility to be deployed as a full end-to-end solution, or augment exist.....»»
1Password wants to help developers find out if their users are ready for passkeys
Passkey is a technology that replaces traditional passwords with more secure authentication methods, such as facial recognition or biometrics, eliminating the need to create and type a passcode. As passkeys become more popular, 1Password wants to hel.....»»
Vulnerability in Cisco Smart Software Manager lets attackers change any user password
Yep, passwords for administrators can be changed, too. Enlarge Cisco on Wednesday disclosed a maximum-security vulnerability that allows remote threat actors with no authentication to change the password of any user, in.....»»
Appgate launches Malware Analysis Service to safeguard enterprises and government agencies
Appgate has unveiled its new Malware Analysis Service that mitigates cyberthreats for enterprises and government agencies by identifying and neutralizing malicious software. Appgate’s Malware Analysis and Research Team now offers two new services t.....»»
Overlooked essentials: API security best practices
In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID Connect, strict HTTPS encryption, and the use of JWTs for stateless authentication. Gupta r.....»»
Apple @ Work Podcast: IT survey for small and medium-size enterprises
Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage & p.....»»
Google makes it easier for users to switch on advanced account protection
The strict requirement for two physical keys is now eased when passkeys are used. Enlarge (credit: Getty Images) Google is making it easier for people to lock down their accounts with strong multifactor authentication by.....»»
Using Authy? Beware of impending phishing attempts
Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping attacks. What happened? On July 1, Twilio – the company that develops t.....»»
Microsoft staff in China must use iPhone for authentication, not Android phones
Microsoft staff in China have been told that they must use an iPhone for authentication when logging in to company systems. From September, the use of Android smartphones as multi-factor authentication devices will be banned. This will create a si.....»»
New Blast-RADIUS attack breaks 30-year-old protocol used in networks everywhere
Ubiquitous RADIUS scheme uses homegrown authentication based on MD5. Yup, you heard right. Enlarge (credit: Getty Images) One of the most widely used network protocols is vulnerable to a newly discovered attack that can.....»»
Fail2Ban: Ban hosts that cause multiple authentication errors
Fail2Ban is an open-source tool that monitors log files, such as /var/log/auth.log, and blocks IP addresses that exhibit repeated failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses.....»»
Machine identities lack essential security controls, pose major threat
Siloed approaches to securing human and machine identities are driving identity-based attacks across enterprises and their ecosystems, according to CyberArk. The CyberArk 2024 Identity Security Threat Landscape Report was conducted across private and.....»»
Veeam fixes auth bypass flaw in Backup Enterprise Manager (CVE-2024-29849)
Veeam has patched four vulnerabilities in Backup Enterprise Manager (VBEM), one of which (CVE-2024-29849) may allow attackers to bypass authentication and log in to its web interface as any user. With no user interaction required for remote exploitat.....»»
Authelia: Open-source authentication and authorization server
Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to permit, deny, or redirect requests. Authelia connects directly to the reverse prox.....»»
ManageEngine SaaS Manager Plus simplifies access management
ManageEngine launched SaaS Manager Plus, a SaaS management solution for enterprises. SaaS Manager Plus seamlessly integrates with Zoho apps and other widely utilized applications, empowering IT admins and finance managers to streamline their SaaS eco.....»»
Calix strengthens SmartBiz security with automated alerts and anti-spam compliance tools
Calix unveiled updates to SmartBiz, a purpose-built small business solution for broadband service providers (BSPs), that expand an existing set of robust security capabilities. These enhancements help BSPs ensure the safety, security, and compliance.....»»
Log4Shell shows no sign of fading, spotted in 30% of CVE exploits
Organizations continue to run insecure protocols across their wide access networks (WAN), making it easier for cybercriminals to move across networks, according to a Cato Networks survey. Enterprises are too trusting within their networks The Cato CT.....»»
Log4J shows no sign of fading, spotted in 30% of CVE exploits
Organizations continue to run insecure protocols across their wide access networks (WAN), making it easier for cybercriminals to move across networks, according to a Cato Networks survey. Enterprises are too trusting within their networks The Cato CT.....»»
nodeQ launches PQtunnel to simplify the migration to PQC for both SMEs and large enterprises
nodeQ has developed PQtunnel, a tool designed to assist businesses – ranging from SMEs to large enterprises – in transitioning their end-to-end (E2E) secure communication to PQC. This software application is available in two variants: PQt.....»»
Traceable launches Generative AI API Security to combat AI integration risks
Traceable AI has revealed an Early Access Program for its new Generative AI API Security capabilities. As enterprises increasingly integrate Generative AI such as Large Language Models (LLMs) into critical applications, they expose those applications.....»»
Inpher SecurAI protects the privacy of user inputs on large language models
Inpher released SecurAI, a solution that protects the privacy and security of user inputs on large language models. This release of SecurAI leverages the NVIDIA H100 Tensor Core GPU for maximum speed and performance. “Enterprises need to harnes.....»»