Security News

In recent years biometrics have increasingly been lauded as a superior authentication solution to passwords. With a detailed enough representation of a biometric marker, it's possible to spoof it and, with the rise of deep-fake technology, it will become even easier to spoof biometrics.

Follow these steps to better protect your Zoom account with a second layer of authentication. Zoom now provides an extra level of security to your account with two-factor authentication.

Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos authentication problems after installing security updates released to address CVE-2020-17049 during this month's Patch Tuesday, on November 10. Kerberos replaced the NTLM protocol to be the default authentication protocol for domain connected devices on all Windows versions above Windows 2000.

Multi-factor authentication, for those who haven't been paying attention, involves adding one or more additional access requirements to password-based authentication. At the same time, he argues people should avoid relying on SMS messages or voice calls to handle one-time passcodes because phone-based protocols are fundamentally insecure.

Whether decreasing the number of passwords required through single sign-on or eliminating the password altogether in favor of a strong authentication factor, the priority is on the workforce experience. At the same time, we've asked users to create longer passwords, more complex passwords, unique passwords.

The streaming box allows arbitrary code execution as root, paving the way to pilfering social-media tokens, passwords, messaging history and more. A critical bug in the Hindotech HK1 TV Box would allow root-privilege escalation thanks to improper access control.

Abstract: Risk-based Authentication is an adaptive security measure to strengthen password-based authentication. RBA monitors additional features during login, and when observed feature values differ significantly from previously seen ones, users have to provide additional authentication factors such as a verification code.

While passwords may not be going away completely, 92 percent of respondents believe passwordless authentication is the future of their organization, according to a LastPass survey. Passwordless authentication reduces password related risks by enabling users to login to devices and applications without the need to type in a password.

LexisNexis Risk Solutions announced the availability of the LexisNexis ID Compass Platform for Insurance. A multi-layered identity access management solution, the platform combines physical and digital intelligence to help insurance carriers respond to identity risk and reduce friction for consumers seeking insurance quotes and other transactions.

Yubico announced the general availability of the YubiKey 5C NFC, a multi-protocol security key with smart card support, designed with both near-field communication and USB-C connections on a single device. "Users are no longer tied to just one device or service, nor do they want to be. That's why the YubiKey 5C NFC is one of our most sought-after security keys - it's compatible with a majority of modern-day computers and mobile phones and works well across a range of legacy and modern applications. At the end of the day, our customers crave security that 'just works' no matter what."