Top

Category: Access control


Access control, Security

Windows 11 is officially killing off passwords and bringing in passkeys

September 22, 2023

Via: TechRadar

Microsoft is expanding passkey support with Windows 11, meaning users will soon be able to take better advantage of the new technology. In a blog post on its site, the company said that with the upcoming update to the operating […]


Access control, Security

Way Too Vulnerable: Join this Webinar to Understand and Strengthen Identity Attack Surface

September 5, 2023

Via: The Hacker News

In today’s digital age, it’s not just about being online but how securely your organization operates online. Regardless of size or industry, every organization heavily depends on digital assets. The digital realm is where business takes place, from financial transactions […]


Access control, Security

The power of passive OS fingerprinting for accurate IoT device identification

August 31, 2023

Via: Help Net Security

The number of IoT devices in enterprise networks and across the internet is projected to reach 29 billion by the year 2030. This exponential growth has inadvertently increased the attack surface. Each interconnected device can potentially create new avenues for […]


Access control, Security

Encryption Flaws in Popular Chinese Language App Put Users’ Typed Data at Risk

August 10, 2023

Via: The Hacker News

A widely used Chinese language input app for Windows and Android has been found vulnerable to serious security flaws that could allow a malicious interloper to decipher the text typed by users. The findings from the University of Toronto’s Citizen […]


Access control, Security

New ‘Deep Learning Attack’ Deciphers Laptop Keystrokes with 95% Accuracy

August 7, 2023

Via: The Hacker News

A group of academics has devised a “deep learning-based acoustic side-channel attack” that can be used to classify laptop keystrokes that are recorded using a nearby phone with 95% accuracy. “When trained on keystrokes recorded using the video conferencing software […]


Access control, Security

Zenbleed: New Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk

July 25, 2023

Via: The Hacker News

A new security vulnerability has been discovered in AMD’s Zen 2 architecture-based processors that could be exploited to extract sensitive data such as encryption keys and passwords. Discovered by Google Project Zero researcher Tavis Ormandy, the flaw – codenamed Zenbleed […]


Access control, Security

A Few More Reasons Why RDP is Insecure (Surprise!)

July 20, 2023

Via: The Hacker News

If it seems like Remote Desktop Protocol (RDP) has been around forever, it’s because it has (at least compared to the many technologies that rise and fall within just a few years.) The initial version, known as “Remote Desktop Protocol […]


Access control, Security

Secrets, Secrets Are No Fun. Secrets, Secrets (Stored in Plain Text Files) Hurt Someone

July 5, 2023

Via: The Hacker News

Secrets are meant to be hidden or, at the very least, only known to a specific and limited set of individuals (or systems). Otherwise, they aren’t really secrets. In personal life, a secret revealed can damage relationships, lead to social […]


Access control, Security

Attain Insight Security 4X 4.0 strengthens data protection for enterprises

June 30, 2023

Via: Help Net Security

Attain Insight released Attain Insight Security 4X version 4.0, an upgrade to its flagship security software. This latest release introduces new features and enhancements designed to fortify data protection, streamline compliance processes, and bolster user management across diverse enterprise environments. […]


Access control, Security

Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers

June 26, 2023

Via: The Hacker News

In what’s an ingenious side-channel attack, a group of academics has found that it’s possible to recover secret keys from a device by analyzing video footage of its power LED. “Cryptographic computations performed by the CPU change the power consumption […]


Access control, Security

Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web Marketplaces

June 20, 2023

Via: The Hacker News

Over 101,100 compromised OpenAI ChatGPT account credentials have found their way on illicit dark web marketplaces between June 2022 and May 2023, with India alone accounting for 12,632 stolen credentials. The credentials were discovered within information stealer logs made available […]


Access control, Security

New Research: 6% of Employees Paste Sensitive Data into GenAI tools as ChatGPT

June 15, 2023

Via: The Hacker News

The revolutionary technology of GenAI tools, such as ChatGPT, has brought significant risks to organizations’ sensitive data. But what do we really know about this risk? A new research by Browser Security company LayerX sheds light on the scope and […]


Access control, Security

5 Reasons Why Access Management is the Key to Securing the Modern Workplace

June 9, 2023

Via: The Hacker News

The way we work has undergone a dramatic transformation in recent years. We now operate within digital ecosystems, where remote work and the reliance on a multitude of digital tools is the norm rather than the exception. This shift – […]


Access control, Security

CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security

May 30, 2023

Via: The Hacker News

Cybersecurity researchers are warning about CAPTCHA-breaking services that are being offered for sale to bypass systems designed to distinguish legitimate users from bot traffic. “Because cybercriminals are keen on breaking CAPTCHAs accurately, several services that are primarily geared toward this […]


Access control, Security

KeePass Exploit Allows Attackers to Recover Master Passwords from Memory

May 22, 2023

Via: The Hacker News

A proof-of-concept (PoC) has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim’s master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x […]


Access control, Security

Cyolo Product Overview: Secure Remote Access to All Environments

May 16, 2023

Via: The Hacker News

Operational technology (OT) cybersecurity is a challenging but critical aspect of protecting organizations’ essential systems and resources. Cybercriminals no longer break into systems, but instead log in – making access security more complex and also more important to manage and […]


Access control, Security

Solving Your Teams Secure Collaboration Challenges

May 12, 2023

Via: The Hacker News

In today’s interconnected world, where organisations regularly exchange sensitive information with customers, partners and employees, secure collaboration has become increasingly vital. However, collaboration can pose a security risk if not managed properly. To ensure that collaboration remains secure, organisations need […]


Access control, Security

GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets

May 11, 2023

Via: The Hacker News

GitHub has announced the general availability of a new security feature called push protection, which aims to prevent developers from inadvertently leaking keys and other secrets in their code. The Microsoft-owned cloud-based repository hosting platform, which began testing the feature […]


Access control, Security

Google 2FA Syncing Feature Could Put Your Privacy at Risk

April 27, 2023

Via: Dark Reading

After a 13-year-long wait, Google Authenticator has added a 2FA account-sync feature that allows its users to back up their 2FA code sequences into the cloud, after which they can restore them back into a new device. Though the process […]


Access control, Security

Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management

April 13, 2023

Via: The Hacker News

Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. “While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they’re known and fixed, which […]