Security News

So you've set up MFA and solved the Elvish riddle, but some still think passwords alone are secure enough
2020-05-07 00:31

About a third of firms and organisations in Europe and the Middle East still believe the humble password is a good enough security measure, according to a survey carried out by French firm Thales. Thales, which bought secure mobile phone SIM card biz Gemalto in 2017, reckoned that over half of IT pros it polled said that unsecured infrastructure was the most likely attack surface.

99% of compromised Microsoft enterprise accounts lack MFA
2020-03-09 11:15

Cybercriminals compromise 0.5% of all Microsoft enterprise accounts every month because too few customers are using multi-factor authentication, the company has revealed. In a presentation uploaded to YouTube from the recent RSA Security Conference, director of Identity Security Alex Weinert said 1.2 million accounts were compromised in January 2020 alone.

Enable that MF-ing MFA: 1.2 million Azure Active Directory accounts compromised every month, reckons Microsoft
2020-03-05 11:30

Microsoft reckons 0.5 per cent of Azure Active Directory accounts as used by Office 365 are compromised every month. "About a half of a per cent of the enterprise accounts on our system will be compromised every month, which is a really high number. If you have an organisation of 10,000 users, 50 will be compromised each month," said Weinert.

Making Sure You're PCI DSS 3.2 Compliant? MFA to the Rescue
2020-01-28 19:03

Today, I want to take a closer look at the PCI DSS 3.2 standard, starting with Requirement 8 and gradually making our way to Requirement 8.3.2. The standard specifically uses CDE, or the cardholder data environment, instead of "Sensitive data," but the concept is the same - make sure the person requesting access is truly who they claim to be.

HIPAA Standard 164.312(d): MFA to the Rescue
2019-12-26 15:04

How Common is it for Individuals to Remember PINs or Passwords Set by Entities Holding the Information They're Requesting?Humans have enough things to remember as it is and remembering yet another...

Week in review: MFA effectiveness, SMBs and Win7 security, the quantum computing threat
2019-10-06 14:00

Here’s an overview of some of last week’s most interesting news, interviews and articles: Unpatched Android flaw exploited by attackers, impacts Pixel, Samsung, Xiaomi devices A privilege...

Microsoft: Any form of MFA takes users out of reach of most attacks
2019-10-04 14:37

The apparent ease with which SIM hijacking attacks are being perpetrated to get the targets’ second authentication factor for crucial accounts (online banking, cryptocurrency exchange, online...

Duo Security now offering enhanced MFA support for AWS
2019-06-27 00:00

Cisco’s Duo Security, the leading multi-factor authentication (MFA) and Zero Trust for the Workforce provider, announced enhanced MFA support for Amazon Web Services (AWS). AWS customers can add...

TypingDNA releases MFA solution based on typing biometrics
2019-06-21 01:03

TypingDNA announced an innovative MFA solution that combines proprietary typing biometrics technology, SMS OTP or Email OTP. TypingDNA is a leading behavioral biometrics company that protects...

What will phishers do once push-based MFA becomes widely used?
2019-05-06 09:50

As phishing continues to be the number one method for initiating a breach, investing in anti-phishing technologies or training – preferably both – should be a no-brainer for most companies. As...