Authentication

Google, Hyperledger launch online identity management tools

The new tools enable mobile-based options for employees to sign into corporate applications or create self-sovereign identities, access to which they control.

Sophos, Avast warn of Windows machines failing to boot after latest Microsoft patch

Antivirus makers Sophos and Avast are warning users that installing a recent Windows update may cause their PCs to lock up or fail to boot.

Your Outlook may be hacked; Microsoft confirms breach

Around late Friday evening, Microsoft announced a data breach that resulted from a Microsoft technical support agent’s credentials being compromised.

How Apple’s iCloud authentication system fails to protect your account

Apple’s 2FA iCloud system is generally very diligent about securing your account, especially when you have two devices, but it has one key flaw.

2FA and telco vulnerability allows criminals to hack email accounts, reveals security researcher

When you forget your Gmail password, and have two factor authentication (2FA) enabled, Google will SMS or call you with a six to eight digit code. You enter the code (Google calls this 2-step verification) and gain access to your account.

Homeland Security warns on VPN security bug in Cisco, Palo Alto, F5, Pulse software

VPN packages from Cisco, Palo Alto, F5 and Pusle may improperly secure tokens and cookies, allowing nefarious actors an opening to invade and take control over an end user’s system.

Darknet market bundling card details with device fingerprints to beat fraud detection

Researchers have uncovered an invitation-only Tor-concealed marketplace where stolen credit card details are bundled with the victim's device fingerprint, meaning criminal buyers can use them to beat numerous fraud detection systems.

Google expands cloud security capabilities, including simpler configuration

New tools and services will help make it easier for enterprises to manage security with Google products as well as with Amazon and in their own private clouds and applications.

You can now use your Android phone as a security dongle for two-factor authentication

Google has implemented a new method of two-factor authentication, using an Android phone as a stand-in for a hardware dongle.

Toyota reports yet another data breach; 3.1 million customer accounts exposed

Japanese automaker, Toyota, announced on Saturday that a data breach resulted in the data of 3.1 million customers being compromised. This is in fact the second data breach the company faced in the last five weeks. 

Critical Magento SQL injection flaw could be targeted by hackers soon

Popular e-commerce platform Magento has released security patches to fix the flaw. Researchers say update now.

Behavioral analytics - The key to fight against cyber threats

The key to better security lies in adopting a differentiated human-centric approach to cybersecurity, where people—rather than IT infrastructure—become the new perimeter.