February 26, 2024
Via: The RegisterA data protection watchdog in the UK has issued an enforcement notice to stop Serco from using facial recognition tech and fingerprint scanning to monitor staff at 38 leisure centers it runs. During an investigation, the Information Commissioner’s Office, Britain’s […]
February 19, 2024
Via: Help Net SecurityIn an era defined by relentless cyber threats and evolving attack vectors, traditional security models are proving increasingly inadequate to safeguard sensitive information. Unlike conventional systems that often rely on perimeter defenses, zero trust adopts a more discerning philosophy, treating […]
February 9, 2024
Via: SecureWorldThe cloud is the de facto platform for delivery of applications and services in the modern digital era. Identity as the new digital perimeter is the cornerstone for assuring secure “Anytime, Anywhere, Authorized” access to protect enterprise security and privacy. […]
January 25, 2024
Via: Help Net Security1Kosmos announced BlockID 1Key, a biometric security key to provide a phishing-resistant passwordless multi-factor authentication option for Sensitive Compartmented Information Facilities (SCIF), manufacturing clean rooms, customer help desks, higher education labs, retail bank branches, healthcare providers and other restricted environments […]
January 19, 2024
Via: The RegisterA security researcher in Germany has been fined €3,000 ($3,300, £2,600) for finding and reporting an e-commerce database vulnerability that was exposing almost 700,000 customer records. Back in June 2021, according to our pals at Heise, an contractor identified elsewhere […]
Access control, Network security, Security
January 11, 2024
Via: The RegisterGoogle-owned security house Mandiant’s investigation into how its X account was taken over to push cryptocurrency scams concludes the “likely” cause was a successful brute-force password attack. The natural reaction to this would be to ask why two/multi-factor authentication didn’t […]
January 10, 2024
Via: SecurityWeekI have always known about physical security keys, also called hard tokens, but never actually used one despite my curiosity. So, I was kind of excited when I got my hands on two cool things: a YubiKey 5 and a […]
November 20, 2023
Via: The RegisterIt’s that time of year again – NordPass has released its annual list of the most common passwords. And while it seems some of you took last year’s chiding to heart, most of you arguably swapped bad for worse. Password […]
November 15, 2023
Via: The RegisterNovel weaknesses in Google Workspace have been exposed by researchers, with exploits potentially leading to ransomware attacks, data exfiltration, and password decryption. Researchers at Bitdefender say the methods could also be used to access Google Cloud Platform (GCP) with custom […]
November 8, 2023
Via: The RegisterDaily incursions are underway with the aim of removing every bit of data that you’ve got – the cyber criminals’ aim is to break in and get out again laden with digital booty. But without that data exfiltration there’s no […]
November 1, 2023
Via: SecureWorldIn today’s digital era, the nexus between advanced computation, security, and privacy has transformed into a complex tapestry. As artificial intelligence (AI) takes center stage in reshaping industries, ensuring the confidentiality and security of our data has never been more […]
October 19, 2023
Via: SecureWorldSecuring secrets such as API keys, passwords, and credentials is a major challenge for developers today. It’s far too easy for these secrets to get exposed in public code repositories, logs, docker images, etc. To help solve this issue, GitGuardian […]
October 9, 2023
Via: SecureWorldIn the ever-evolving landscape of cybersecurity, protecting sensitive data and ensuring secure access to digital assets have become paramount concerns for organizations worldwide. Recognizing the significance of these challenges, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National […]
September 22, 2023
Via: TechRadarMicrosoft is expanding passkey support with Windows 11, meaning users will soon be able to take better advantage of the new technology. In a blog post on its site, the company said that with the upcoming update to the operating […]
September 5, 2023
Via: The Hacker NewsIn today’s digital age, it’s not just about being online but how securely your organization operates online. Regardless of size or industry, every organization heavily depends on digital assets. The digital realm is where business takes place, from financial transactions […]
August 31, 2023
Via: Help Net SecurityThe number of IoT devices in enterprise networks and across the internet is projected to reach 29 billion by the year 2030. This exponential growth has inadvertently increased the attack surface. Each interconnected device can potentially create new avenues for […]
August 10, 2023
Via: The Hacker NewsA widely used Chinese language input app for Windows and Android has been found vulnerable to serious security flaws that could allow a malicious interloper to decipher the text typed by users. The findings from the University of Toronto’s Citizen […]
August 7, 2023
Via: The Hacker NewsA group of academics has devised a “deep learning-based acoustic side-channel attack” that can be used to classify laptop keystrokes that are recorded using a nearby phone with 95% accuracy. “When trained on keystrokes recorded using the video conferencing software […]
July 25, 2023
Via: The Hacker NewsA new security vulnerability has been discovered in AMD’s Zen 2 architecture-based processors that could be exploited to extract sensitive data such as encryption keys and passwords. Discovered by Google Project Zero researcher Tavis Ormandy, the flaw – codenamed Zenbleed […]
July 20, 2023
Via: The Hacker NewsIf it seems like Remote Desktop Protocol (RDP) has been around forever, it’s because it has (at least compared to the many technologies that rise and fall within just a few years.) The initial version, known as “Remote Desktop Protocol […]