Security News

Overall, BIMI acts as an additional layer of security to the existing email authentication process. You will need to convert your BIMI logo image to an SVG file that meets the BIMI standard specifications.

Passwordless authentication startup Stytch this week announced that it has raised $30 million in a Series A funding round. Founded in 2020, the San Francisco, California-based company seeks to improve both security and user experience by enabling authentication without the need of passwords.

To help achieve progress on Zero Trust, there is now a new, easy way to implement continuous user verification by connecting directly to the authentication systems used by mobile operators - without the overhead of processing or storing user data. The Zero Trust model of identity verification essentially means never trusting that a returning user is whom they claim to be, regardless of their location or previous successful attempts.

Entrust announced an expanded partnership with Red Sift to simplify and streamline the adoption of strong email sender authentication based on Brand Indicators for Message Identification standards. As email has become more critical than ever for organizations to connect and communicate with their customers, the ecosystem is looking to BIMI as an opportunity to increase the wide adoption of email authentication while simultaneously providing senders with a way to provide their customers a more immersive experience.

Microsoft has addressed a security feature bypass vulnerability in the Windows Hello authentication biometrics-based tech, letting threat actors spoof a target's identity and trick the face recognition mechanism into giving them access to the system. As discovered by CyberArk Labs security researchers, attackers can create custom USB devices that Windows Hello will work with to completely circumvent Windows Hello's facial recognition mechanism using a single valid IR frame of the target.

Twitter this week announced that it allows users to enroll security keys and use them as the only form of two-factor authentication to secure their accounts. "Security keys offer the strongest protection for your Twitter account because they have built-in protections to ensure that even if a key is used on a phishing site, the information shared can't be used to access your account," Twitter explains.

Netgear has patched three bugs in one of its router families that, if exploited, can allow threat actors to bypass authentication to breach corporate networks and steal data and credentials. Microsoft security researchers discovered the bugs in Netgear DGN-2200v1 series routers while they were researching device fingerprinting, Microsoft 365 Defender research team's Jonathan Bar Or said in a blog post, posted Wednesday.

LoginID announced additional SDK options for developers. These SDKs empower developers to integrate FIDO strong authentication into their websites or apps.

BioConnect announced a collaboration with HID Global to bring authentication to its HID Mobile Access solution alongside a mobile survey option for wellness declaration for employee health status and activity logging. BioConnect expands the options for HID Mobile Access users with enterprise issued biometrics or multi-factor authentication right from their mobile device with the BioConnect Mobile Authenticator to meet new and more stringent compliance requirements.

Multiple large organizations were found to be impacted by an authentication bypass in Adobe Experience Manager CRX Package Manager, according to a warning from security vendor Detectify. The Adobe Experience Manager is a content management solution used for the building of websites and mobile applications, while also allowing developers to manage marketing content and assets.