Category: Access control

July 10, 2024

Google has removed a potential obstacle for high-risk users who want to enroll in the company’s Advanced Protection Program (APP): they can now do it just by setting a passkey. Users already enrolled in APP have been provided the option […]

July 8, 2024

The use of selfies to verify identity online is an emerging trend in some parts of the world since the pandemic forced more business to go digital. Some banks – and even governments – have begun requiring live images over […]

June 10, 2024

Cloud data analytics platform Snowflake said it is going to begin forcing customers to implement multi-factor authentication to prevent more intrusions. The move comes in response to an incident discovered late last month by analysts at Hudson Rock, which saw […]

April 30, 2024

Any password under seven characters can be cracked within a matter of hours, according to Hive Systems. The time it takes to crack passwords increases Due to the widespread use of stronger password hashing algorithms to protect data, the time […]

April 11, 2024

Passwords serve as the first line of defense against data breaches, yet individuals often exhibit poor habits when it comes to selecting or updating their passwords regularly. Despite widespread requirements for secure passwords across applications and websites, research indicates that […]

February 26, 2024

A data protection watchdog in the UK has issued an enforcement notice to stop Serco from using facial recognition tech and fingerprint scanning to monitor staff at 38 leisure centers it runs. During an investigation, the Information Commissioner’s Office, Britain’s […]

February 19, 2024

In an era defined by relentless cyber threats and evolving attack vectors, traditional security models are proving increasingly inadequate to safeguard sensitive information. Unlike conventional systems that often rely on perimeter defenses, zero trust adopts a more discerning philosophy, treating […]

February 9, 2024

The cloud is the de facto platform for delivery of applications and services in the modern digital era. Identity as the new digital perimeter is the cornerstone for assuring secure “Anytime, Anywhere, Authorized” access to protect enterprise security and privacy. […]

January 25, 2024

1Kosmos announced BlockID 1Key, a biometric security key to provide a phishing-resistant passwordless multi-factor authentication option for Sensitive Compartmented Information Facilities (SCIF), manufacturing clean rooms, customer help desks, higher education labs, retail bank branches, healthcare providers and other restricted environments […]

January 19, 2024

A security researcher in Germany has been fined €3,000 ($3,300, £2,600) for finding and reporting an e-commerce database vulnerability that was exposing almost 700,000 customer records. Back in June 2021, according to our pals at Heise, an contractor identified elsewhere […]

January 11, 2024

Google-owned security house Mandiant’s investigation into how its X account was taken over to push cryptocurrency scams concludes the “likely” cause was a successful brute-force password attack. The natural reaction to this would be to ask why two/multi-factor authentication didn’t […]

January 10, 2024

I have always known about physical security keys, also called hard tokens, but never actually used one despite my curiosity. So, I was kind of excited when I got my hands on two cool things: a YubiKey 5 and a […]

November 20, 2023

It’s that time of year again – NordPass has released its annual list of the most common passwords. And while it seems some of you took last year’s chiding to heart, most of you arguably swapped bad for worse. Password […]

November 15, 2023

Novel weaknesses in Google Workspace have been exposed by researchers, with exploits potentially leading to ransomware attacks, data exfiltration, and password decryption. Researchers at Bitdefender say the methods could also be used to access Google Cloud Platform (GCP) with custom […]

November 8, 2023

Daily incursions are underway with the aim of removing every bit of data that you’ve got – the cyber criminals’ aim is to break in and get out again laden with digital booty. But without that data exfiltration there’s no […]

November 1, 2023

In today’s digital era, the nexus between advanced computation, security, and privacy has transformed into a complex tapestry. As artificial intelligence (AI) takes center stage in reshaping industries, ensuring the confidentiality and security of our data has never been more […]

October 19, 2023

Securing secrets such as API keys, passwords, and credentials is a major challenge for developers today. It’s far too easy for these secrets to get exposed in public code repositories, logs, docker images, etc. To help solve this issue, GitGuardian […]

October 9, 2023

In the ever-evolving landscape of cybersecurity, protecting sensitive data and ensuring secure access to digital assets have become paramount concerns for organizations worldwide. Recognizing the significance of these challenges, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National […]

September 22, 2023

Microsoft is expanding passkey support with Windows 11, meaning users will soon be able to take better advantage of the new technology. In a blog post on its site, the company said that with the upcoming update to the operating […]

September 5, 2023

In today’s digital age, it’s not just about being online but how securely your organization operates online. Regardless of size or industry, every organization heavily depends on digital assets. The digital realm is where business takes place, from financial transactions […]