authentication
Let’s stop talking password flaws and instead discuss access management
A good bit of attention has been given to a new report that suggests that there are organizations that don’t change their administrative passwords at all, ever. While it may …
Living in a password free world in the modern enterprise
The era of password security in the modern enterprise is over. Passwords are dead. Let’s be honest. Passwords in the enterprise were never really that secure in the …
1 in 10 people have posed as someone else online
Our need for ease and convenience is putting our digital identities and security at risk. A new BehavioSec report finds that 37% of us have shared our personal security data …
Most users limit personal info on social media due to hacking fears
Only 10 percent of internet-using adults in America used at least one social networking site in 2005. More than a decade later that number has grown exponentially, with 84 …
7 million users affected by Minecraft community Lifeboat data breach
Minecraft community fansite “Lifeboat” has admitted that it suffered a data breach in January, after security researcher Troy Hunt added some of the stolen data to …
How the biometrics market is entering the evolving IoT ecosystem
By 2021, the biometrics market will reach $30 billion and shift its revenue focus, moving away from the governmental sector to emphasize opportunities in the consumer and …
Facebook vulnerability allowed access to personal and payment information
Bitdefender has discovered a significant vulnerability within Facebook which allowed access to any user account through simple social login manipulation. The attacker was able …
A password for your eyewear computer: The sound of your skull
Could the unique frequency response your skull makes when hit with an ultrasonic signal be a good way for authenticating yourself to an eyewear computer (e.g. Google Glass, or …
Google’s poor design decision undermines 2FA protection
A design decision by Google can be exploited by attackers to gain control of both devices needed to access users’ accounts protected via SMS-based 2-factor …
Microsoft plugs online services account hijacking vulnerability
London-based security researcher and bug hunter Jack Whitton has discovered a serious cross-site request forgery flaw affecting Microsoft’s authentication system for …
New alerts for Gmail users targeted by state-sponsored attackers
Since 2012, Google has been warning Gmail users when they have been targeted by state-sponsored attackers, but now the alert will be even more visible (and therefore less …
Banks failing with password management, but why?
A recent study shows some terrifying results: banks in the U.S. often have less secure password policies in place than do social media websites. Specifically, the study found …