Security News

Would-be password-killer FIDO Alliance aims to boost uptake with new UX guidelines
2021-06-24 20:30

The FIDO Alliance, which operates with no smaller mission than to "Reduce the world's over-reliance on passwords", has announced the release of new user experience guidelines aimed at bringing the more technophobic on board. Launched back in 2013 as the Fast Identity Online Alliance, the FIDO Alliance aims to do away with passwords altogether through the introduction of standards-compliant "Authenticators" including USB security dongles, fingerprint readers, Trusted Platform Modules and more.

FIDO Alliance unveils UX guidelines and new FIDO2 standards enhancements
2021-06-23 16:31

The FIDO Alliance announced its first user experience guidelines and new FIDO2 standards enhancements aimed at accelerating the world's move beyond passwords. The FIDO UX guidelines provide that path, allowing service providers to help consumers understand, adopt and benefit from logging in with FIDO. At the same time, the increase in remote work and subsequent increase in phishing attacks on their infrastructure is accelerating enterprises' digital transformation plans and making strong authentication a priority.

Facebook Announces Payout Guidelines for Bug Bounty Program
2021-02-16 15:19

Facebook on Tuesday announced several new features for its bug bounty program, including an educational resource and payout guidelines. The payout guidelines provide insight into the process used by the company to determine rewards for certain vulnerability categories.

ENISA publishes procurement guidelines for cybersecurity in hospitals
2020-02-25 06:30

The EU Agency for Cybersecurity published a cybersecurity procurement guide for hospitals. The Procurement Guidelines for Cybersecurity in Hospitals published by the Agency is designed to support the healthcare sector in taking informative decisions on cybersecurity when purchasing new hospital assets.

NIST Drafts Guidelines for Coping With Ransomware
2020-02-03 21:03

"We are more interested in ransomware that models behavior that we saw in the WannaCry attacks, where ransomware can exploit a vulnerability and propagate across a network," Ekstrom, who helped work on the documents, tells Information Security Media Group. One significant reason why NIST created these practice guidelines now is that the nature of ransomware has changed over the last two years, Ekstrom says.

EDRi’s guidelines call for more ethical websites
2020-01-17 10:42

Enter European Digital Rights, a collection of human rights groups across Europe, which has published a set of guidelines for ethical website development. EDRi also includes website accessibility as a key ethical principle.

4 Automated Password Policy Enforcers for NIST Password Guidelines
2019-11-19 21:34

Automate Screening of Exposed Passwords and Password Policy EnforcementHere are four automated password policy options we recommend for NIST compliance.

Australian Universities Adopt Foreign Interference Guidelines
2019-11-14 12:13

Australia announced measures to combat foreign interference at its universities Thursday, setting new guidelines around the key areas of research collaboration, cybersecurity, and international...

Pentagon publishes AI guidelines
2019-11-04 12:43

As the specter of warrior robots looms large, the Pentagon has published a set of ethical guidelines for its use of artificial intelligence.

Surprising Password Guidelines from NIST
2019-07-15 15:18

NIST Cyber Security FrameworkNIST guidelines often become the foundation for best practice recommendations across the security industry and are incorporated into other standards.