Top

Category: Access control


Access control, Security

Buggy ‘Log in With Google’ API Implementation Opens Crypto Wallets to Account Takeover

July 7, 2022

Via: Dark Reading

A cryptocurrency wallet service provider serving more than 2 million users worldwide and managing about $3 billion worth of Bitcoin was found to contain API vulnerabilities tied to how external authentication logins were implemented. The bugs are fixed, but the […]


Access control, Security

Rafay Systems Paralus helps users achieve secure access to Kubernetes clusters

June 30, 2022

Via: Help Net Security

Rafay Systems launched a new open-source software project named Paralus to enable secure, audited access for developers, operations, SREs and CI/CD tools to remote Kubernetes (K8s) clusters. Paralus offers access management for developers, architects, and CI/CD tools to remote K8s […]


Access control, Security

Solution to cybersecurity skills gap largely sits with hiring practices

June 21, 2022

Via: Help Net Security

(ISC)² published findings from its 2022 Cybersecurity Hiring Managers research that shed light on best practices for recruiting, hiring and onboarding entry- and junior-level cybersecurity practitioners. The research, reflecting the opinions of 1,250 cybersecurity hiring managers from the U.S., Canada, […]


Access control, Security

How much does access to corporate infrastructure cost?

June 15, 2022

Via: Securelist

Division of labor Money has been and remains the main motivator for cybercriminals. The most widespread techniques of monetizing cyberattacks include selling stolen databases, extortion (using ransomware) and carding. However, there is demand on the dark web not only for […]


Access control, Security

Apple unveils passkeys for passwordless authentication to apps and websites

June 7, 2022

Via: Help Net Security

At WWDC 2022, Apple has announced and previewed iOS 16 and iPad OS 16, macOS 13 (aka macOS Ventura), watchOS 9, their new M2 chips, new MacBook Air and Pro, as well as new tools, technologies, and APIs for developers […]


Access control, Security

Contactless is reigning: Consumers can’t even remember their PIN

June 1, 2022

Via: Help Net Security

The company surveyed of 4,000 consumers across three continents, including 1,000 UK respondents, showed that 61% of consumers feel confident enough with contactless payments to leave their wallet at home and just take their phone – a figure that rises […]


Access control, Security

Account pre-hijacking attacks possible on many online services

May 24, 2022

Via: Help Net Security

Online accounts getting hijacked and misused is an everyday occurrence, but did you know that account pre-hijacking attacks are also possible? Inspired by previous research on preemptive account hijacking by way of single sign-on (SSO) technology, researchers Avinash Sudhodanan and […]


Access control, Security

SIM-based Authentication Aims to Transform Device Binding Security to End Phishing

May 24, 2022

Via: The Hacker News

Let’s face it: we all use email, and we all use passwords. Passwords create inherent vulnerability in the system. The success rate of phishing attacks is skyrocketing, and opportunities for the attack have greatly multiplied as lives moved online. All […]


Access control, Security

10 ways attackers gain access to networks

May 19, 2022

Via: Malwarebytes

A joint multi-national cybersecurity advisory has revealed the top ten attack vectors most exploited by cybercriminals in order to gain access to organisation networks, as well as the techniques they use to gain access. The advisory cites five techniques used […]


Access control, Security

Apple, Google and Microsoft join forces to try and kill off passwords

May 6, 2022

Via: TechRadar

Some of the world’s biggest tech companies have announced plans to try and remove the need for passwords for good. Apple, Google and Microsoft have joined forces to push the wider availability of passwordless logins in a major way, promoting […]


Access control, Security

Eliminating Passwords: One Way Forward

April 6, 2022

Via: Dark Reading

The average Internet user has 100 passwords, according to research by NordPass. Remembering that many passwords is impossible, so people must implement a system for keeping track of them. For years, cybersecurity professionals have tried to convince people to record […]


Access control, Security, Threats & Malware, Vulnerabilities

Honda’s Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles

March 30, 2022

Via: The Hacker News

A duo of researchers has released a proof-of-concept (PoC) demonstrating the ability for a malicious actor to remote lock, unlock, and even start Honda and Acura vehicles by means of what’s called a replay attack. The attack is made possible, […]


Access control, Security

Enzoic’s automated credentials monitoring in Active Directory detects unsafe passwords

March 3, 2022

Via: Help Net Security

Enzoic released the latest version of Enzoic for Active Directory. The solution prevents users from choosing weak or previously exposed passwords by screening them at their creation and continuously monitoring passwords to ensure they do not subsequently become compromised. Enzoic’s […]


Access control, Mobile, Security, Wireless security

How to share your Wi-Fi password safely

January 11, 2022

Via: Malwarebytes

You may not have as many people visiting your home due to the pandemic, but restrictions are a hit-and-miss affair. It’s possible your region has opened up a little, and you’re seeing folks in your home for the first time […]


Access control, Security

Why the Future Needs Passwordless Authentication

December 2, 2021

Via: Security Intelligence

As of September, Microsoft users no longer have to rely on passwords when logging in to their accounts. The Redmond-based tech giant noted that users could instead use its authenticator app, Windows Hello; a physical security key or a verification […]


Access control, Security

Organizations can save $1.9 million using workforce passwordless authentication

November 4, 2021

Via: Help Net Security

Secret Double Octopus and Ponemon Institute announced the results of a US-based study focused on understanding the state of workforce passwordless authentication, from motivational drivers to results after transitioning to its use. Results demonstrated that remote work has and will […]


Access control, Security

Organizations failing to give users the login experience they want

October 15, 2021

Via: Help Net Security

Companies often claim to be customer-centric, or even customer-obsessed, striving to offer technologies that their users demand. However, the findings of a recent global Auth0 survey suggest that organizations worldwide continue to miss the mark when it comes to giving […]


Access control, Security

CISA Releases Remote Access Guidance for Government Agencies

October 11, 2021

Via: Security Week

Meant to provide federal agencies with guidance on securing their networks while ensuring that remote users do have access to internal resources, the document was produced in collaboration with the Office of Management and Budget (OMB), the Federal Chief Information […]


Access control, Security

Google to turn on 2-factor authentication by default for 150 million users

October 6, 2021

Via: The Hacker News

Google has announced plans to automatically enroll about 150 million users into its two-factor authentication scheme by the end of the year as part of its ongoing efforts to prevent unauthorized access to accounts and improve security. In addition, the […]


Access control, Security

Consumers are done with passwords, ready for more innovative authentication

September 30, 2021

Via: CSO Online

CISOs looking to beef up their customer-facing authentication procedures to thwart cyberattacks need to walk a fine line. You want the method to provide tight security without being too complicated, confusing, or onerous for end users. You also need to […]