Security News

OpenSSH version 8.2 is out and the big news is that the world's most popular remote management software now supports authentication using any FIDO U2F hardware token. Adding support inside OpenSSH simply means that any U2F token can now be used, including older FIDO1 and more recent FIDO2 hardware.

100K or so creators in the YouTube car community were targeted by a phishing campaign that captured 2FA codes.

Microsoft-owned GitHub on Monday announced that its token scanning service will also check commits for Atlassian, Dropbox, Discord, Proctorio and Pulumi tokens that have been accidentally shared. read more

IOTA Foundation, a non-profit foundation focused on distributed ledger technology (DLT) and open-source ecosystem development, announced the release of Trinity, a secure software wallet for IOTA...

Security token maker Yubico has issued an important advisory affecting high-end versions of its YubiKey authentication key.

For FIPS sake! Yubico is recalling one of its YubiKey lines after the authentication dongles were found to have a security weakness.…

Mark Risher of Google extols the virtues of security keys: I'll say it again for the people in the back: with Security Keys, instead of the *user* needing to verify the site, the *site* has to...

Docker, the company behing the popular virtualization tool bearing the same name, has announced late on Friday that it has suffered a security breach. There was no official public announcement....

A new security feature allows users of Android 7 and later to use their smartphones to authenticate themselves to their Google accounts.

If you have a "private" blog with WordPress.com and are using its official iOS app to create or edit posts and pages, the secret authentication tokens for your admin account might have...