Security News

Multi-factor authentication, for those who haven't been paying attention, involves adding one or more additional access requirements to password-based authentication. At the same time, he argues people should avoid relying on SMS messages or voice calls to handle one-time passcodes because phone-based protocols are fundamentally insecure.

Whether decreasing the number of passwords required through single sign-on or eliminating the password altogether in favor of a strong authentication factor, the priority is on the workforce experience. At the same time, we've asked users to create longer passwords, more complex passwords, unique passwords.

The streaming box allows arbitrary code execution as root, paving the way to pilfering social-media tokens, passwords, messaging history and more. A critical bug in the Hindotech HK1 TV Box would allow root-privilege escalation thanks to improper access control.

Abstract: Risk-based Authentication is an adaptive security measure to strengthen password-based authentication. RBA monitors additional features during login, and when observed feature values differ significantly from previously seen ones, users have to provide additional authentication factors such as a verification code.

While passwords may not be going away completely, 92 percent of respondents believe passwordless authentication is the future of their organization, according to a LastPass survey. Passwordless authentication reduces password related risks by enabling users to login to devices and applications without the need to type in a password.

LexisNexis Risk Solutions announced the availability of the LexisNexis ID Compass Platform for Insurance. A multi-layered identity access management solution, the platform combines physical and digital intelligence to help insurance carriers respond to identity risk and reduce friction for consumers seeking insurance quotes and other transactions.

Yubico announced the general availability of the YubiKey 5C NFC, a multi-protocol security key with smart card support, designed with both near-field communication and USB-C connections on a single device. "Users are no longer tied to just one device or service, nor do they want to be. That's why the YubiKey 5C NFC is one of our most sought-after security keys - it's compatible with a majority of modern-day computers and mobile phones and works well across a range of legacy and modern applications. At the end of the day, our customers crave security that 'just works' no matter what."

GlobalPlatform has released a new specification to simplify and bring greater trust to the authentication of digital services on smartphones and biometric-enabled cards. Originally developed within EMVCo, the global technical body that facilitates the worldwide interoperability and acceptance of secure payment transactions, the Secure Element Broker Interface defines a standard to make end-user authentication simpler for all applications running in a GlobalPlatform-certified Secure Element.

Silverfort, a provider of an agentless, proxyless authentication platform, announced this week that it has raised $30 million in a Series B funding round led by Aspect Ventures. The additional funding, which brings the total investment in the company to $41.5 million, will help the company expand its sales, marketing, engineering and support teams globally.

More than ever, now is the time to make absolutely sure that your services and devices are using the best protection available to keep data secured and away from unauthorized hands. There are too many services to possibly list, but some of the most commonly targeted ones include email, banking, and shopping sites.