ShinyHunters claim to be behind SSO-account data theft attacks

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) ...

Millions of people imperiled through sign-in links sent by SMS

Websites that authenticate users through links and codes sent in text messages are imperiling the privacy of millions of ...

Credential-stealing Chrome extensions target enterprise HR platforms

Malicious Chrome extensions on the Chrome Web Store masquerading as productivity and security tools for enterprise HR and ERP ...

Mandiant releases rainbow table that cracks weak admin password in 12 hours

Security firm Mandiant has released a database that allows any administrative password protected by Microsoft’s NTLM.v1 hash ...

IT solutions for businesses with limited budgets

Ascendant Technologies reports that budget-conscious businesses can enhance productivity and security through IT solutions ...
Cloud Security Alliance

Reimagining the Browser as a Critical Policy Enforcement Point: A Zero Trust Security Architecture for Modern Enterprises

Explores turning the browser into a policy enforcement point within a Zero Trust framework, covering governance, MFA, device ...
IEEE

Toward Cross-Environment Continuous Gesture User Authentication With Commercial Wi-Fi

Abstract: Behavior biometrics-based user authentication with Wi-Fi gains significant attention due to its ubiquitous and contact-free manners. An individual’s identity can be verified by analyzing ...
InfoWorld

Critical vulnerability in IBM API Connect could allow authentication bypass

Rated 9.8 out of 10 in severity, the flaw could allow a remote attacker to gain unauthorized access to applications. IBM is urging customers to quickly patch a critical vulnerability in its API ...