authentication
How secure is the “Password Protection” on your files and drives?
People in certain professions, such as healthcare, law, and corporations, often rely on password protection when sending files via email, believing it provides adequate …
Triangulation fraud: The costly scam hitting online retailers
In this Help Net Security interview, Mike Lemberger, Visa’s SVP, Chief Risk Officer, North America, discusses the severe financial losses resulting from triangulation fraud, …
Most people still rely on memory or pen and paper for password management
Bitwarden surveyed 2,400 individuals from the US, UK, Australia, France, Germany, and Japan to investigate current user password practices. The survey shows that 25% of …
What is multi-factor authentication (MFA), and why is it important?
Setting up MFA can seem daunting for consumers just beginning to clean up their security postures. In this Help Net Security video, Larry Kinkaid, Manager, Cybersecurity …
Who owns customer identity?
When I’m talking with prospective clients, I like to ask: which department owns customer identity? Everyone immediately looks towards a different team. While every team …
EJBCA: Open-source public key infrastructure (PKI), certificate authority (CA)
EJBCA is open-source PKI and CA software. It can handle almost anything, and someone once called it the kitchen sink of PKI. With its extensive history as one of the …
Strategies for secure identity management in hybrid environments
In this Help Net Security interview, Charlotte Wylie, SVP and Deputy CSO at Okta, discusses the challenges of managing user identities across hybrid IT environments. She …
How Google plans to make stolen session cookies worthless for attackers
Google is working on a new security feature for Chrome called Device Bound Session Credentials (DBSC), meant to prevent attackers from using stolen session cookies to gain …
AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)
Attackers are leveraging a vulnerability (CVE-2023-48022) in Anyscale’s Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse …
How security leaders can ease healthcare workers’ EHR-related burnout
Staff experiencing burnout in healthcare settings is not something that security leaders typically worry about – unless, maybe, it is the security team itself that is …
Leveraging AI and automation for enhanced cloud communication security
In this Help Net Security interview, Sanjay Macwan, CIO and CISO at Vonage, addresses emerging threats to cloud communications and the role of AI and automation in …
Hundreds of orgs targeted with emails aimed at stealing NTLM authentication hashes
A threat actor specializing in establishing initial access to target organizations’ computer systems and networks is using booby-trapped email attachments to steal …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility