Security News

The most common authentication method is also the least secure
2024-09-30 03:00

Despite the rise in cyber threats, many people do not have a holistic view of security, according to Yubico. The results of the survey uncovered concerning patterns and behaviors when it comes to...

GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
2024-09-19 05:07

GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted in...

GitLab releases fix for critical SAML authentication bypass flaw
2024-09-18 18:37

GitLab has released security updates to address a critical SAML authentication bypass vulnerability impacting self-managed installations of the GitLab Community Edition (CE) and Enterprise Edition...

WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers
2024-09-12 04:57

WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication (2FA) mandatorily. The...

Critical SAP flaw allows remote attackers to bypass authentication
2024-08-13 21:43

SAP has released its security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass that could allow remote attackers to fully compromise the...

Multi-Factor Authentication Policy
2024-08-11 16:00

This reality requires the adoption of a multi-factor authentication policy within organizations. Multi-factor authentication is a powerful tool for safeguarding sensitive data from unauthorized access.

Google Workspace Authentication Vulnerability Allowed Thousands of Accounts to be Exposed
2024-07-30 19:24

Thousands of accounts have been exposed after hackers used existing emails to create Google Workspace accounts and bypassed the verification process. One impacted user that shared their experience on a Google Cloud Community forum was notified by Google that someone had created a Workspace account with their email without verification and then used it to log into Dropbox.

Google Workspace Authentication Vulnerability Allowed Thousands of Emails to be Compromised
2024-07-30 19:24

Thousands of email addresses have been compromised after hackers used them to create Google Workspace accounts and bypassed the verification process. One impacted user that shared their experience on a Google Cloud Community forum was notified by Google that someone had created a Workspace account with their email without verification and then used it to log into Dropbox.

Docker fixes critical 5-year old authentication bypass flaw
2024-07-24 19:00

Docker has issued security updates to address a critical vulnerability impacting certain versions of Docker Engine that could allow an attacker to bypass authorization plugins (AuthZ) under...

What Is Two-Factor Authentication?
2024-07-17 16:00

TYPES OF 2FA. Secondary authentication factors vary in how they are used in the verification of user identities. The simple expedient of texting a time-sensitive code to a mobile device is usually enough to keep most accounts secure.