Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Google has released a new tool designed to identify potential USB keystroke injection attacks and block devices they originate from. [Read More]
Identity management firm Auth0 has added a collection of threat intelligence tools and capabilities designed to protect customers from identity attacks. [Read More]
Google has announced that Android and macOS users can now use more web browsers to initially register security keys to their accounts. [Read More]
Free and open certificate authority (CA) Let’s Encrypt has decided that it will not revoke one million of the certificates affected by the recent CAA recheck bug. [Read More]
Most Intel chipsets are affected by a vulnerability that can be exploited to obtain protected information and compromise data protection technologies. [Read More]
ProtonMail has introduced DKIM key management in an effort to protect custom domain email addresses against domain name impersonation. [Read More]
A new report suggests that poorly protected device identities could cost U.S. business between $15 billion and $21 billion. [Read More]
A surge in malicious login attempts is likely to be a flood of credential lists in the criminal marketplace, the attractiveness of financial data, and a more general shift in criminal credential abuse towards targeting API logins. [Read More]
Amazon-owned home security and smart home company Ring this week announced new security and privacy features for all of its users. [Read More]
Users in 10 countries can now take advantage of the hardware based two-factor authentication (2FA) functionality offered by Google's Titan Security Keys. [Read More]
- 1 of 71
- ››
FEATURES, INSIGHTS // Identity & Access
Static passwords lack the ability to verify whether the user accessing data is authentic or just someone who bought a compromised password.
If there’s one thing you can be sure of about user authentication methods today, it’s that determining the best choice isn’t as simple or straightforward as it used to be.
As the technology and tools to leverage stolen credentials advance, defenders should seek out innovative new ways to proactively flag exposed passwords leveraging insights gleaned from illicit communities and open-web dumps.
As the workforce continues to evolve, a one-size-fits-all approach won’t work for different identity and access management needs across organizations.
Perimeter-based security, which focuses on securing endpoints, firewalls, and networks, provides no protection against identity- and credential-based threats.
Change may not always be on the docket, but when it is, how can we embrace it, understand it, and work to create a constructive environment around it?
In just about every case of digital identity, there seems to be a set of credential recovery mechanisms that are weaker than the authentication method itself.
Organizations should recognize that not all authenticators are equally vulnerable to the mechanisms used to break the trust chain, which range from simple guesswork to coercion.
Now is the time to evaluate what methods of authentication will best serve your organization on the path to a passwordless future.
If you want to succeed with FIDO, you have to be ready. Now is the time to assess your organization’s authentication needs, how they are evolving, and the dynamics of your user population.
- 1 of 9
- ››
Subscribe to the Daily Briefing
- Privacy Rights May Become Next Victim of Killer Pandemic
- Europol: Criminals Exploit Virus Crisis as Fresh Opportunity
- Google Sees Drop in Government-Backed Phishing Attempts
- Russian Hackers Exploited Windows Flaws in Attacks on European Firms
- Senator Urges Vendors to Secure Networking Devices Amid COVID-19 Outbreak
- GitHub Paid Out Over $1 Million in Bug Bounties
- Websites of U.S. Presidential Candidates Pose Security, Privacy Risks
- Unofficial Patches Released for Exploited Windows Font Processing Flaws
- No Patch for VPN Bypass Flaw Discovered in iOS
- Spyware Delivered to iPhone Users in Hong Kong Via iOS Exploits
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy