Security News

There's one very noticeable exception: Multi-factor authentication is universally hailed as a leapfrog security measure that drastically reduces online threats like identity theft and online fraud. Security experts routinely recommend that users implement MFA technology where available, stressing the value of additional layers of authentication to thwart malicious hackers.

With concerns around online fraud and identity theft rising, consumers expect businesses to utilize new technologies to protect them online. The research revealed positive attitudes towards a number of newer methods of identity authentication amongst consumers in China, the UK and the U.S. Almost three quarters of people said they feel secure when they are asked to log into their bank account to verify their identity for other online services.

Overall, BIMI acts as an additional layer of security to the existing email authentication process. You will need to convert your BIMI logo image to an SVG file that meets the BIMI standard specifications.

Passwordless authentication startup Stytch this week announced that it has raised $30 million in a Series A funding round. Founded in 2020, the San Francisco, California-based company seeks to improve both security and user experience by enabling authentication without the need of passwords.

To help achieve progress on Zero Trust, there is now a new, easy way to implement continuous user verification by connecting directly to the authentication systems used by mobile operators - without the overhead of processing or storing user data. The Zero Trust model of identity verification essentially means never trusting that a returning user is whom they claim to be, regardless of their location or previous successful attempts.

Entrust announced an expanded partnership with Red Sift to simplify and streamline the adoption of strong email sender authentication based on Brand Indicators for Message Identification standards. As email has become more critical than ever for organizations to connect and communicate with their customers, the ecosystem is looking to BIMI as an opportunity to increase the wide adoption of email authentication while simultaneously providing senders with a way to provide their customers a more immersive experience.

Microsoft has addressed a security feature bypass vulnerability in the Windows Hello authentication biometrics-based tech, letting threat actors spoof a target's identity and trick the face recognition mechanism into giving them access to the system. As discovered by CyberArk Labs security researchers, attackers can create custom USB devices that Windows Hello will work with to completely circumvent Windows Hello's facial recognition mechanism using a single valid IR frame of the target.

Twitter this week announced that it allows users to enroll security keys and use them as the only form of two-factor authentication to secure their accounts. "Security keys offer the strongest protection for your Twitter account because they have built-in protections to ensure that even if a key is used on a phishing site, the information shared can't be used to access your account," Twitter explains.

Netgear has patched three bugs in one of its router families that, if exploited, can allow threat actors to bypass authentication to breach corporate networks and steal data and credentials. Microsoft security researchers discovered the bugs in Netgear DGN-2200v1 series routers while they were researching device fingerprinting, Microsoft 365 Defender research team's Jonathan Bar Or said in a blog post, posted Wednesday.

LoginID announced additional SDK options for developers. These SDKs empower developers to integrate FIDO strong authentication into their websites or apps.