Will passkeys ever replace passwords? Can they? Systems Approach Here's why they really should Security17 Nov 2024 | 125
Don't have MFA on a Google Cloud account? You'll have to from Jan Lock it up. Lock it up PaaS + IaaS05 Nov 2024 | 6
Snowflake slams 'more MFA' button again – months after Ticketmaster, Santander breaches Now it's the default for all new accounts Security16 Sep 2024 | 2
Deadline looms: Google Workspace mandates OAuth by September 30 27 days to get your users' third-party apps on Google’s sign-in Devops03 Sep 2024 | 7
India contemplates compulsory dynamic 2FA for digital payments SMS OTPs are overused, so bring on the tokens and biometrics Security02 Aug 2024 | 4
Advance Auto Parts: 2.3M people's data accessed when crims broke into our Snowflake account Letters from CISO Ethan Steiger suggest the data related to job applications Cyber-crime11 Jul 2024 | 6
Microsoft China staff can't log on with an Android, so Redmond buys them iThings Google's absence creates software distribution issues not even mighty Microsoft can handle Security09 Jul 2024 | 20
Microsoft gives Windows admins a break and MFA a hard push Updates now optional, but Azure security is not Software23 May 2024 | 5
Microsoft, Google do a victory lap around passkeys Windows giant extends passwordless tech to everyone else Security02 May 2024 | 74
Apple fans deluged with phony password reset requests Beware support calls offering a fix Security27 Mar 2024 | 18
Google Workspace weaknesses allow plaintext password theft Exploits come with caveats, but Google says no fixes as user security should do the heavy lifting here Research15 Nov 2023 | 2
Microsoft likens MFA to 1960s seatbelts, buckles admins in yet keeps eject button Admins have 90 days to opt out before MFA is deployed automatically Security07 Nov 2023 | 30
Lawyer's Microsoft email snafu goes from $1.75M lawsuit to Ctrl+Alt+Settle Accused software giant of MFA error that rendered work address useless Software12 Sep 2023 | 31
Cisco's Duo Security suffers major authentication outage Updated Provides complete security by not letting anyone login Off-Prem21 Aug 2023 | 12
Shifting to two-factor auth is hard to do. GitHub recommends the long game Black Hat Slow and steady wins this race with users Black Hat and DEF CON10 Aug 2023 | 25
Microsoft decides it will be the one to choose which secure login method you use Certificate-based authentication comes first and phones last CSO18 May 2023 | 55
Microsoft disarms push notification bombers with number matching in Authenticator Mandatory measure against attackers who spam MFA folks into submission Security09 May 2023 | 19
Microsoft uses carrot and stick with Exchange Online admins If you need extra time to dump RPS, OK, but email from unsupported Exchange servers is blocked till they’re up to date Spotlight on RSA30 Mar 2023 | 16
Microsoft pushes out PowerShell scripts to fix BitLocker bypass Attackers exploiting the vulnerability could access encrypted data Software19 Mar 2023 | 28
Microsoft's scythe hovers over RPS for Exchange Online Remote PowerShell Protocol users must shift into PowerShell v3 module Software08 Mar 2023 |
DraftKings gamblers lose $300,000 to credential stuffing attack Users of the sports betting site rolled the dice on reusing passwords and lost Security22 Nov 2022 | 15
Robin Banks crooks back at the table with fresh phish from Russia Phishing-as-a-service group's toolset now includes ways to get around MFA Research08 Nov 2022 | 1
Microsoft hits the switch on password-free smartphone authentication No more MF phish on this MFA cellphone as Azure AD CBA + YubiKey hits preview Security07 Nov 2022 | 23
Multi-factor auth fatigue is real – and it's why you may be in the headlines next Analysis Overwhelmed by waves of push notifications, worn-down users inadvertently let the bad guys in Security03 Nov 2022 | 88
It’s 2022 and netizens are only now getting serious about cybersecurity US folks start to get the message about protecting themselves online Security10 Oct 2022 | 12
Microsoft: Watch out for password spray attacks – especially you, Basic Auth Exchange Online users should have authentication policies in place CSO04 Oct 2022 | 7
Microsoft: The deadline to get off Basic Auth is approaching Exchange Online face Halloween deadline OSes05 Sep 2022 | 50
RubyGems now requires multi-factor auth for top package maintainers Sign-on you crazy diamond Security16 Aug 2022 | 1
This big phish can swim around MFA, says Microsoft Security Slippery AiTM attacks targeted more than 10,000 orgs over the past nine months CSO13 Jul 2022 | 2
Keep an eye on your Experian accounts: Some profiles hijacked using personal info When identity thieves strike your identity theft monitor Personal Tech12 Jul 2022 | 8
Start using Modern Auth now for Exchange Online Before Microsoft shutters basic logins in a few months CSO29 Jun 2022 | 28
Carnival Cruises torpedoed by US states, agrees to pay $6m after wave of cyberattacks Now those are some phishing boats Cyber-crime28 Jun 2022 | 17
Okta says Lapsus$ incident was actually a brilliant zero trust demonstration Once former supplier Sitel coughed up its logs, it became apparent the attacker was hemmed in Security22 Jun 2022 | 4