authentication
3 ways to combat rising OAuth SaaS attacks
OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine …
Understanding zero-trust design philosophy and principles
In this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security …
Breaking down the state of authentication
In this Help Net Security video, Bassam Al-Khalidi, co-CEO of Axiad, discusses the results of Axiad’s recent State of Authentication Survey. Key findings from the survey …
Cybersecurity challenges emerge in the wake of API expansion
In this Help Net Security interview, Vedran Cindric, CEO at Treblle, discusses the exponential growth of AI-related APIs, citing a 96% increase in 2023. He sheds light on the …
Wi-Fi 7’s mission-critical role in enterprise, industrial networking
As we transition from Wi-Fi 6 to the more advanced Wi-Fi 7, we uncover the significant enhancements in speed, efficiency, and spectrum usage that set it apart from its …
Why you need to extend enterprise IT security to the mainframe
Organizations with mainframes face a unique challenge: extending consistency across the entire enterprise, including mainframe environments. The ongoing issue lies in the …
3 main tactics attackers use to bypass MFA
Notable security breaches have bypassed MFA to compromise taxi broker Uber, games company EA, and authentication business Okta, according to SE Labs. CISOs must bolster MFA …
A closer look at LATMA, the open-source lateral movement detection tool
In this Help Net Security video, Gal Sadeh, Head of Data and Security Research at Silverfort, discusses LATMA, a free, open-source tool. It’s engineered with advanced …
Many popular websites still cling to password creation policies from 1985
A significant number of popular websites still allow users to choose weak or even single-character passwords, researchers at Georgia Institute of Technology have found. …
eIDAS: EU’s internet reforms will undermine a decade of advances in online security
The European Union’s attempt to reform its electronic identification and trust services – a package of laws better known as eIDAS 2.0 – contains legislation that poses a grave …
Short-term AWS access tokens allow attackers to linger for a longer while
Attackers usually gain access to an organization’s cloud assets by leveraging compromised user access tokens obtained via phishing, by using malware, or by finding them …
Okta breach: Hackers stole info on ALL customer support users
The scope of the recent breach of the Okta customer support system is much wider than initially established, the company has admitted on Tuesday: the attackers downloaded a …
Featured news
Resources
Don't miss
- OpenNHP: Cryptography-driven zero trust protocol
- The API security crisis and why businesses are at risk
- Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)
- Casio UK site compromised, equipped with web skimmer
- Man charged with stealing $65 million by exploting DeFI protocols vulnerabilities