The Hacker News

APRIL 10, 2024

We all know passwords and firewalls are important, but what about the invisible threats lurking beneath the surface of your systems? Identity Threat Exposures (ITEs) are like secret tunnels for hackers – they make your security way more vulnerable than you think.

Firewall 118

Firewall Passwords Accountability 118

Thales Cloud Protection & Licensing

MARCH 12, 2025

Breaking the Barriers to a Password-Free Life in Enterprise: Meet SafeNet eToken Fusion NFC PIV security key madhav Thu, 03/13/2025 - 06:46 As large organizations increasingly shift towards passwordless solutions, the benefits are clear: enhanced user experience, improved security, and significant cost savings. Want to know more?

Passwords 71

Passwords Authentication Digital transformation Government 71

Duo's Security Blog

SEPTEMBER 6, 2023

But conventional protection solutions, like password security, fall short when it comes to efficacy. We have a lot of thoughts on passkeys – some of which we’ve shared in other posts in this passkey blog series – and today we’re going to explore how passkeys stack up against passwords from the perspective of cloud platforms.

Passwords 105

Passwords Password Management Authentication Threat Detection 105

SecureWorld News

JANUARY 8, 2025

Stay tuned for expert insights, panel discussions, and webinars that delve deeper into the U.S. Manufacturers can voluntarily submit their products for testing to earn the Cyber Trust Mark. Cyber Trust Mark and its role in shaping the future of connected device security. Follow SecureWorld News for more stories related to cybersecurity.

IoT 116

IoT Manufacturing Government Cybersecurity 116

Hacker's King

OCTOBER 26, 2024

Activities during this week include engaging workshops, informative webinars, and community events, all designed to empower individuals with the knowledge and skills necessary to navigate today’s cyber threats effectively. Change them regularly and avoid reusing passwords across different accounts.

Cybersecurity 59

Cybersecurity Cyber threats Education Passwords 59

Duo's Security Blog

SEPTEMBER 4, 2023

And when it comes to managing access for this plethora of devices, password security just isn’t cutting it anymore. In our recent passkey blog series , we’ve been unpacking the difference between new passkey technology and more conventional password security in light of some of the most critical authentication scenarios.

Passwords 81

Passwords Authentication Accountability Password Management 81

Duo's Security Blog

JULY 1, 2021

Tall Tale #1: PINs Are Just Passwords In Part 1 , we talked about how passwordless authentication is still multi-factor: Possession of a private key, ideally stored on a piece of secure hardware A biometric or PIN the authenticator uses to locally verify the user’s identity Reasoning about a PIN being used as a factor is simpler than a biometric.

Passwords 98

Passwords Surveillance Authentication Risk 98

Security Affairs

JANUARY 28, 2020

The Zoom platform hosts both password-protected virtual meetings and webinars, and sessions for non-pre-registered participants who can join the meetings by entering a unique Meeting ID (comprised of 9, 10, and 11-digit numbers). The latter case doesn’t require a password or going through the Waiting Rooms.

Passwords 126

Passwords Advertising Accountability Hacking 126

Duo's Security Blog

SEPTEMBER 1, 2023

Nobody likes passwords. And is it realistic to consider passkeys – and the passwordless solutions they support – as a valid alternative for traditional password security? And is it realistic to consider passkeys – and the passwordless solutions they support – as a valid alternative for traditional password security?

Passwords 69

Passwords Authentication Phishing Technology 69

Duo's Security Blog

FEBRUARY 11, 2022

To help you make the most of this new offering, Duo Product Manager Chris Demundo and Product Marketing Manager Ted Kietzman recently hosted the webinar Ask Us Anything: Passwordless Tips & Tricks , answering passwordless questions crowdsourced from our Duo Community public forum. Where can I learn more about Duo Passwordless?

Authentication 111

Authentication Passwords Mobile Risk 111

Troy Hunt

AUGUST 31, 2018

A few little bits and pieces this week ranging from a new web cam (primarily to do Windows Hello auth), teaching my 8-year-old son HTML, progress with Firefox and HIBP, some really ridiculous comments from Namecheap re SSL (or TLS or HTTPS) and a full set of Pwned Passwords as NTLM hashes. Hope one of those works for you! References.

Passwords 111

Passwords Encryption 111

Troy Hunt

FEBRUARY 23, 2018

44:00 - Pwned Passwords (this is the good stuff!). Australia now has a mandatory disclosure law (it's called the "Notifiable Data Breach Scheme" or "NDB" here, this is a webinar I did on it yesterday). 11:40 - We're going all HTTPS (and some people are pretty angry about that). References.

Data breaches 152

Data breaches Passwords Hacking 152

Duo's Security Blog

OCTOBER 18, 2022

By this point, we’re all familiar with the list of requirements for a strong password: unique, long, memorable, free from any personal information… But even the strongest passwords can pose a risk if they’re the only thing standing between your users and enterprise content.

Insurance 64

Insurance Passwords Cyber Insurance Authentication 64

Troy Hunt

SEPTEMBER 7, 2018

It's been a week of travel for me with API Days in Melbourne on Tuesday, Fortinet Fast & Secure in Sydney on Wednesday then the Varonis webinar yesterday (recorded, I'll share once it's online). Be that as it may, I did manage to pump out a long-awaited blog post on the total cost of running Pwned Passwords in HIBP and its.

Spyware 120

Spyware Passwords Authentication Hacking 120

Webroot

OCTOBER 31, 2024

Steam the Webinar on demand HERE As we look back on the cybersecurity landscape of 2024, it’s clear that the world of digital threats continues to evolve at an alarming pace in parallel with AI. Be Cautious with Smart Devices: Secure your IoT devices by changing default passwords and keeping firmware updated.

Malware 108

Malware Ransomware Passwords Healthcare 108

Duo's Security Blog

SEPTEMBER 16, 2021

With MFA in place, you can reduce your reliance on passwords and modify password policies to require less frequent resets, alleviating help desk burden and reducing user frustration. Passwords Are Safer Than Biometrics, PINs Are Just Passwords, and Other Tall Tales See the video at the blog post.

Authentication 128

Authentication Passwords Phishing CISO 128

Malwarebytes

MARCH 25, 2024

Last week on Malwarebytes Labs: New Go loader pushes Rhadamanthys stealer Canada revisits decision to ban Flipper Zero Patch Ivanti Standalone Sentry and Ivanti Neurons for ITSM now 19 million plaintext passwords exposed by incorrectly configured Firebase instances Apex Legends Global Series plagued by hackers Tax scammer goes after small business (..)

Small Business 92

Small Business Architecture Media Passwords 92

Security Affairs

NOVEMBER 17, 2020

Enable these security settings: Meeting password/passcode Waiting room Meeting registration Send the new meeting information only to people that you know. Schedule a new meeting.

Risk 116

Risk Media Hacking Passwords 116

Duo's Security Blog

JANUARY 14, 2025

Hes asking if you can help him with a password reset and hes calling from a recognized numberdo you trust it? Preventing Helpdesk Phishing with Duo and Traceless Webinar Helpdesk impersonation is a big concern today, with MSPs contending with fraudulent attempts from attackers pretending to be clients. How can Duo MSP help?

Phishing 111

Phishing Technology Scams Cybercrime 111

Troy Hunt

JULY 18, 2022

The partnership with 1Password several years later is the same again; arguably, it made HIBP more useful for the masses or non-techies that had never given any consideration to a password manager. Password Purgatory ? What about Why No HTTPS ? Definitely not a product either as the service itself or the people that use it.

Data breaches 299

Data breaches Passwords Password Management Software 299

Thales Cloud Protection & Licensing

FEBRUARY 19, 2025

Go Beyond FIDO Standards: Best Practices When Deploying FIDO Security Keys in Enterprise madhav Thu, 02/20/2025 - 06:22 Initially designed for the consumer market, the FIDO (Fast IDentity Online) standard aims to replace passwords with more secure authentication methods for online services. While recent versions, like FIDO2.1,

Authentication 71

Authentication Passwords Marketing Risk 71

Troy Hunt

FEBRUARY 16, 2018

Monday was going to be full of coding work around Pwned Passwords V2 (and a few other HIBP things) then Texthelp went and got themselves pwned and there went my day writing about the ramifications of that. I had plans this week. This is a genuinely important issue and the whole concept of the JavaScript supply chain needs much better thought.

Data breaches 117

Data breaches Marketing Passwords Internet 117

Malwarebytes

MAY 7, 2023

Upcoming webinar: Is EDR or MDR better for your business? Google Authenticator WILL get end-to-end encryption. Eventually.

Small Business 90

Small Business Social Engineering Passwords Mobile 90

Duo's Security Blog

MAY 23, 2023

Your passwords are on the internet. Talks of passkeys, passphrases, and even password less all point in one direction: eroding faith in the previously trusty password tucked under your keyboard. These habits highlight the need for more modern password technology and stronger authentication methods.

Authentication 144

Authentication Passwords Data breaches Phishing 144

Thales Cloud Protection & Licensing

DECEMBER 2, 2021

Many businesses are still relying on single factor, insecure passwords, that are a source of increased risks. Even if they use knowledge questions to provide further protection, passwords are still easily compromised. However, even in this case, the authentication relies on text passwords, which are inherently insecure.

Authentication 125

Authentication Passwords Risk Mobile 125

Security Boulevard

JULY 6, 2023

It's no secret that the bad guys are training their artificial intelligence (AI) engines to crack passwords, perform account takeovers (ATO), and automate their ransomware demands. In fact, they are using AI to not only predict your users' current passwords. Mind blown! We typically know the location of the legitimate user.

Artificial Intelligence 105

Artificial Intelligence Passwords Authentication Accountability 105

Duo's Security Blog

JULY 6, 2023

The writing is certainly on the wall that username and password credentials are a menace to secure environments, and moving to strong authentication is the solution. There’s no time like the present for starting your passwordless journey Weak authentication with passwords and phishable MFA is putting enterprises at risk.

Authentication 100

Authentication Passwords Risk Technology 100

Duo's Security Blog

OCTOBER 6, 2023

TL,DR: Check out our on-demand webinar Your Zero Trust Roadmap , where we outline the five key steps to secure user access to apps. Shrink the attack surface by reducing password usage with passwordless SSO and make it faster and more convenient for users to get to the apps they need – whether SaaS-based or private.

Authentication 144

Authentication Risk Social Engineering InfoSec 144

Security Boulevard

FEBRUARY 14, 2022

Customers end up calling help desks for multiple reasons, including to reset their passwords and manage their profile, privacy, and data sharing settings. For example, allowing customers to manage and reset their usernames and passwords alone can save enterprises millions of dollars annually. Learn More In Our Webinar.

Passwords 97

Passwords Retail Digital transformation Risk 97

Malwarebytes

APRIL 2, 2023

Last week on Malwarebytes Labs: Solving the password’s hardest problem with passkeys, featuring Anna Pobletts Food giant Dole reveals more about ransomware attack Bogus Chat GPT extension takes over Facebook accounts Ransomware gunning for transport sector's OT systems next GitHub accidentally exposes RSA SSH key ChatGPT helps both criminals (..)

Backups 86

Backups DDOS Ransomware Cyber threats 86

Duo's Security Blog

NOVEMBER 20, 2023

Security professionals agree that passwords are low hanging fruit for cybercriminals and can even be the keys to the kingdom when the compromised passwords belong to privileged accounts. According to a 2023 Cisco Duo sponsored survey , only 62% of organizations make MFA mandatory for their entire workforce.

Threat Detection 138

Threat Detection Authentication Accountability Data breaches 138

NopSec

JULY 25, 2017

Make sure your business email password is “Password123.” As it happens, the easiest way to actively exploit a system is to have the password or key. So how does an ethical hacker (and really, malicious ones, too) get a password or key? So how does an ethical hacker (and really, malicious ones, too) get a password or key?

Passwords 40

Passwords Penetration Testing Phishing Accountability 40

SecureWorld News

SEPTEMBER 29, 2022

For Amazon, cybersecurity is a top priority, said Jenny Brinkley, Director, Amazon Security, who was one of the webinar panelists. Another theme touched on in the webinar was to m ake awareness education easy, like you're talking to a teenager: "I like to think about how I explain this to my own family," Shou said. Updating software.

Cybersecurity 92

Cybersecurity Education Security Awareness Password Management 92

Duo's Security Blog

OCTOBER 11, 2023

To learn more about how Duo’s access management trifecta empowers you to authenticate further and defend faster, be sure to tune into our webinar Authenticate Further, Defend Faster with Higher Security from Duo. Forget coming up with a password that will eventually, inevitably find its way onto the dark web.

Authentication 126

Authentication Risk Technology Phishing 126

Duo's Security Blog

NOVEMBER 6, 2023

Passwords that are easily detectable or reused often are vulnerable to phishing attacks. This lowers the number of passwords users must remember (or re-use, as is often the case). The problem with balancing many identities Conventional passwords create separate lines for each account. What is a credential stuffing attack?

Passwords 83

Passwords Authentication Risk Technology 83

Duo's Security Blog

MARCH 9, 2022

Firewall status, drive encryption status, password status and whether an antivirus or anti-malware agent is running can all contribute to improved security resilience. Resources Webinar: Essential Eight - How Does Your Organization Rate? Solution Brief: Duo for Essential Eight Customer Story: Deakin University.

Cybersecurity 98

Cybersecurity Passwords Authentication VPN 98

Security Boulevard

JULY 21, 2023

This is why it's critical to secure your user identities and passwords and the IAM services that manage them. For example, after entering a username and password or SSO credentials, a user may be required to accept a push notification from an authenticator app or enter a PIN sent to a personal device.

Threat Detection 98

Threat Detection Passwords Authentication Accountability 98