Expert insights. Personalized for you.
CyberEdBoard Executive Members, Bernardo Vasquez and Rob Hornbuckle, guest speak on panel at ISMG Identity & Access Management Virtual Cybersecurity Summit MORE
A Study on Usability and Security Perceptions of Risk-based Authentication “: Abstract : Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. I’ve blogged about risk-based authentication before. MORE
Although they are the most common tool used to verify a person’s identity, passwords are the least secure mode of authentication. What is passwordless authentication? Passwordless authentication, on the other hand, is derived from different types of information the user has. MORE
Overview of Authentication Mechanisms. In this regard, continuously authenticating users who are accessing corporate resources helps maintain trust in distributed IT environments. Many businesses tend to implement OOB authentication via SMS texts. X.509 Authentication. MORE
Wells Fargo's Sridhar Sidhu on Redefining IAM for Remote Workforce Organizations with largely remote workforces must strengthen their dynamic authentication processes to enhance security, says Sridhar Sidhu, senior vice president and head of the information security services group at Wells Fargo MORE
your organization can now lean on multi-factor authentication (MFA) to secure HTML5-based terminal emulator access. BlueZone web allows users to have their first point of authentication as an internal user, LDAP registered user or MS SQL User. MORE
Strategist Coby Montoya Discusses Leveraging Behavioral Biometrics to Fight Fraud With consumers relying more heavily on e-commerce during the pandemic and beyond, leveraging behavioral biometrics for authentication is an effective strategy, says Coby Montoya, a fraud-fighting and authentication strategist at a financial company. MORE
163 IBM Researchers Describe How 'TrickMo,' a TrickBot Variant, Works A variant of the TrickBot Trojan bypasses two-factor authentication for mobile banking, for example, by intercepting one-time codes sent over SMS, according to IBM X-Force MORE
144 Implementing an adaptive, risk-based authentication process for remote system access is proving effective as more staff members work from home during the COVID-19 pandemic, says Ant Allan, a vice president and analyst at Gartner MORE
Phil Dunkelberger of Nok Nok Labs Discusses Evolving Payment Fraud Schemes As e-commerce explodes during the global CIVD-19 pandemic, transaction authentication is more critical for fraud prevention, says Phil Dunkelberger of Nok Nok Labs, who discusses the latest fraud trends MORE
144 Hospital Future Act (KHZG) & Biometric Authentication. mzillig. Mon, 07/19/2021 - 09:20 MORE
The Kaseya ransomware attack is believed to have been down to an authentication bypass. Yes, ransomware needs to be on your radar -- but good authentication practices are also imperative MORE
Uncategorized authentication impersonationThis is a weird story of a building owner commissioning an artist to paint a mural on the side of his building — except that he wasn’t actually the building’s owner. MORE
Joni Brennan of Canadian ID Council on How IAM Capabilities Must Evolve "Multisectoral" authentication can help to ensure that government benefits are provided to the right recipients, says Joni Brennan, president of the Digital ID & Authentication Council of Canada MORE
Logs from the Exchange server showed that the attacker provided username and password authentication like normal but were not challenged for a second factor through Duo. After successful password authentication, the server evaluated the duo-sid cookie and determined it to be valid. MORE
says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Office365 accounts to use multi-factor authentication. As it happened, the PCM employee was not using multi-factor authentication. In response, Microsoft said while its guidance has always been for partners to enable and require multi-factor authentication for all administrators or agent users in the partner tenants, it would soon be making it mandatory. MORE
Nok Nok Lab's Philip Dunkelberger on Why Traditional Authentication Won't Work With the advent of the internet of things, authentication needs to be far more scalable, says Phillip Dunkelberger, CEO of Nok Nok Labs MORE
Database Blunder Left Two-Step Codes, Account Reset Links Exposed A database security blunder revealed on Friday serves as a reminder that the days of SMS-based authentication should be over. The exposed database, which wasn't protected by a password, contained 26 million text messages, many of which were two-step verification codes and account-reset links MORE
Microsoft researchers discovered the firmware flaws in the DGN-2200v1 series router that can enable authentication bypass to take over devices and access stored credentials. MORE
Tim Bedard of OneSpan answers this question in his analysis of ISMG's new State of Adaptive Authentication in Banking survey OneSpan's Tim Bedard Analyzes New Banking Security Survey How well can banking institutions apply the right amount of security to the right transactions at the right time? MORE
The Final FFIEC Guidance has been issued and its main intent is to reinforce the 2005 Guidance's risk management framework and update the Agencies' expectations regarding customer authentication, layered security, or other controls in the increasingly hostile online environment MORE
Enterprises today have many digital ways of interacting with their customers - and therefore just as many ways for authenticating those users and transactions. Sesh Venkataraman of CA Technologies explains the business value of omnichannel authentication solutions MORE
113 The tech giant wants to push its billions of users—and the rest of the industry—to enable multifactor authentication by default. Security Security / Security News MORE
Company's Action Follows Similar Move by Google Nest Amazon's Ring is mandating the use of two-factor authentication for all users, a move designed to help stop creepy takeovers of the web-connected home security cameras. MORE
Smart & Adaptive MFA for the Modern Campus View this webinar as we discuss multi-factor authentication for the evolving campus community MORE
In an interview, Rohas Nagpal, a chief architect at Primechain Technologies, describes how blockchain can be used for authentication and pinpoints areas where blockchain is not the ideal technology. He'll be a featured speaker at ISMG's Security Summit in Mumbai Thursday MORE
Balancing Made Easier It is a simple fact that strong authentication will impact user experience and effectiveness MORE
Threat Actors Using Social Engineering, Other Technical Techniques to Circumvent MFA Protections The FBI is warning banks, businesses and other organizations that cybercriminals are using social engineering and other technical techniques to circumvent multifactor authentication security protections MORE
14 deadline for compliance with the new PSD2 "strong customer authentication" requirements for electronic payments, it may take a while for European consumers to notice authentication changes Banks, Merchants, Processors Struggling to Comply With Mandate Because banks, fintech firms, merchants and payments processors in the EU have struggled to meet the Sept. MORE
What’s interesting about the incident is that it showcases once again why relying on mobile text messages (SMS) for two-factor authentication (2FA) can lull companies and end users into a false sense of security. Of particular note is that although the Reddit employee accounts tied to the breach were protected by SMS-based two-factor authentication, the intruder(s) managed to intercept that second factor. APP-BASED AUTHENTICATION. MORE
Shane Weeden, and authentication expert with IBM Security, discusses the future of authentication and why he's encouraged by the FIDO2 initiative As we approach 2019, is it realistic to think the end of our dependency on traditional user names and passwords is in sight? MORE
OneSpan's Tim Bedard on Evolutionary Strategies and Controls The right authentication controls at the right time for the right transactions - the adaptive authentication message is taking off, says OneSpan's Tim Bedard. And here are some quick wins organizations might focus on when starting down the path MORE
121 Enterprises today have many digital ways of interacting with their customers - and therefore just as many ways for authenticating those users and transactions. Sesh Venkataraman of CA Technologies explains the business value of omnichannel authentication solutions MORE
140 
Enterprises today have many digital ways of interacting with their customers - and therefore just as many ways for authenticating those users and transactions. Sesh Venkataraman of CA Technologies explains the business value of omnichannel authentication solutions MORE
113 
Jamf Connect expands secure identity and access to resources with Jamf Unlock, passwordless authentication from an iPhone app to securely unlock Mac and the resources needed to be productive MORE
Doing authentication well is vital for any company in the throes of digital transformation. Related: Locking down ‘machine identities’ At the moment, companies are being confronted with a two-pronged friction challenge, when it comes to authentication. MORE
Streamlining and Enhancing Authentication for the Workforce Many organizations have updated the authentication process for customers to help ensure frictionless transactions. MORE
157 
Navy Federal Credit Union’s Thomas Malta on Applying CIAM Techniques New authentication models, including dynamic authorization and continuous authentication, that work well for consumers can be adopted for employees as well, says Thomas Malta, head of identity and access management at the Virginia-based Navy Federal Credit Union. MORE
The NSA has published an advisory outlining how “malicious cyber actors” are “are manipulating trust in federated authentication environments to access protected data in the cloud.” Uncategorized authentication credentials hacking NSA trust MORE
Authentication Related Topics Data Breach Today
MARCH 4, 2021
Navy Federal Credit Union’s Thomas Malta on Applying CIAM Techniques New authentication models, including dynamic authorization and continuous authentication, that work well for consumers can be adopted for employees as well, says Thomas Malta, head of identity and access management at the Virginia-based Navy Federal Credit Union.
Data Breach Today
JANUARY 7, 2021
Joni Brennan of Canadian ID Council on How IAM Capabilities Must Evolve "Multisectoral" authentication can help to ensure that government benefits are provided to the right recipients, says Joni Brennan, president of the Digital ID & Authentication Council of Canada
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
MAY 4, 2021
Strategist Coby Montoya Discusses Leveraging Behavioral Biometrics to Fight Fraud With consumers relying more heavily on e-commerce during the pandemic and beyond, leveraging behavioral biometrics for authentication is an effective strategy, says Coby Montoya, a fraud-fighting and authentication strategist at a financial company.
Schneier on Security
DECEMBER 14, 2020
Uncategorized authentication impersonationThis is a weird story of a building owner commissioning an artist to paint a mural on the side of his building — except that he wasn’t actually the building’s owner.
Advertiser: ZoomInfo
As buyer expectations continue to heighten, marketing and sales teams are feeling pressured to deliver authentic messaging to buyers at every point of their customer journey. This report aims to highlight the current state of B2B database and contact acquisition strategies, and organizations’ goals to leverage data to fuel their go-to-market strategies in 2020 and beyond.
Schneier on Security
OCTOBER 5, 2020
A Study on Usability and Security Perceptions of Risk-based Authentication “: Abstract : Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. I’ve blogged about risk-based authentication before.
Data Breach Today
MARCH 10, 2021
Smart & Adaptive MFA for the Modern Campus View this webinar as we discuss multi-factor authentication for the evolving campus community
Data Breach Today
JANUARY 15, 2021
Wells Fargo's Sridhar Sidhu on Redefining IAM for Remote Workforce Organizations with largely remote workforces must strengthen their dynamic authentication processes to enhance security, says Sridhar Sidhu, senior vice president and head of the information security services group at Wells Fargo
Schneier on Security
DECEMBER 15, 2020
Logs from the Exchange server showed that the attacker provided username and password authentication like normal but were not challenged for a second factor through Duo. After successful password authentication, the server evaluated the duo-sid cookie and determined it to be valid.
Data Breach Today
NOVEMBER 27, 2018
In an interview, Rohas Nagpal, a chief architect at Primechain Technologies, describes how blockchain can be used for authentication and pinpoints areas where blockchain is not the ideal technology. He'll be a featured speaker at ISMG's Security Summit in Mumbai Thursday
Threatpost
JULY 1, 2021
Microsoft researchers discovered the firmware flaws in the DGN-2200v1 series router that can enable authentication bypass to take over devices and access stored credentials.
|
Dark Reading
JULY 8, 2021
The Kaseya ransomware attack is believed to have been down to an authentication bypass. Yes, ransomware needs to be on your radar -- but good authentication practices are also imperative
Data Breach Today
FEBRUARY 19, 2020
Company's Action Follows Similar Move by Google Nest Amazon's Ring is mandating the use of two-factor authentication for all users, a move designed to help stop creepy takeovers of the web-connected home security cameras.
Data Breach Today
MAY 3, 2019
Enterprises today have many digital ways of interacting with their customers - and therefore just as many ways for authenticating those users and transactions. Sesh Venkataraman of CA Technologies explains the business value of omnichannel authentication solutions
Data Breach Today
AUGUST 19, 2020
Implementing an adaptive, risk-based authentication process for remote system access is proving effective as more staff members work from home during the COVID-19 pandemic, says Ant Allan, a vice president and analyst at Gartner
Rocket Software
JULY 24, 2020
your organization can now lean on multi-factor authentication (MFA) to secure HTML5-based terminal emulator access. BlueZone web allows users to have their first point of authentication as an internal user, LDAP registered user or MS SQL User.
Data Breach Today
NOVEMBER 15, 2017
The Final FFIEC Guidance has been issued and its main intent is to reinforce the 2005 Guidance's risk management framework and update the Agencies' expectations regarding customer authentication, layered security, or other controls in the increasingly hostile online environment
Krebs on Security
JUNE 28, 2019
says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Office365 accounts to use multi-factor authentication. As it happened, the PCM employee was not using multi-factor authentication. In response, Microsoft said while its guidance has always been for partners to enable and require multi-factor authentication for all administrators or agent users in the partner tenants, it would soon be making it mandatory.
eSecurity Planet
MARCH 31, 2021
Although they are the most common tool used to verify a person’s identity, passwords are the least secure mode of authentication. What is passwordless authentication? Passwordless authentication, on the other hand, is derived from different types of information the user has.
Data Breach Today
MARCH 25, 2020
IBM Researchers Describe How 'TrickMo,' a TrickBot Variant, Works A variant of the TrickBot Trojan bypasses two-factor authentication for mobile banking, for example, by intercepting one-time codes sent over SMS, according to IBM X-Force
HID Global
MAY 25, 2021
What Is Adaptive Authentication? spaquet. Tue, 05/25/2021 - 09:53
Data Breach Today
JULY 26, 2019
Enterprises today have many digital ways of interacting with their customers - and therefore just as many ways for authenticating those users and transactions. Sesh Venkataraman of CA Technologies explains the business value of omnichannel authentication solutions
Data Breach Today
OCTOBER 9, 2019
Threat Actors Using Social Engineering, Other Technical Techniques to Circumvent MFA Protections The FBI is warning banks, businesses and other organizations that cybercriminals are using social engineering and other technical techniques to circumvent multifactor authentication security protections
Data Breach Today
JULY 29, 2019
Balancing Made Easier It is a simple fact that strong authentication will impact user experience and effectiveness
Schneier on Security
DECEMBER 18, 2020
The NSA has published an advisory outlining how “malicious cyber actors” are “are manipulating trust in federated authentication environments to access protected data in the cloud.” Uncategorized authentication credentials hacking NSA trust
Data Breach Today
APRIL 20, 2020
Phil Dunkelberger of Nok Nok Labs Discusses Evolving Payment Fraud Schemes As e-commerce explodes during the global CIVD-19 pandemic, transaction authentication is more critical for fraud prevention, says Phil Dunkelberger of Nok Nok Labs, who discusses the latest fraud trends
Data Breach Today
JUNE 10, 2019
Enterprises today have many digital ways of interacting with their customers - and therefore just as many ways for authenticating those users and transactions. Sesh Venkataraman of CA Technologies explains the business value of omnichannel authentication solutions
Data Breach Today
MAY 31, 2019
OneSpan's Tim Bedard on Evolutionary Strategies and Controls The right authentication controls at the right time for the right transactions - the adaptive authentication message is taking off, says OneSpan's Tim Bedard. And here are some quick wins organizations might focus on when starting down the path
Jamf
JUNE 14, 2021
Jamf Connect expands secure identity and access to resources with Jamf Unlock, passwordless authentication from an iPhone app to securely unlock Mac and the resources needed to be productive
Thales Cloud Protection & Licensing
FEBRUARY 24, 2021
Overview of Authentication Mechanisms. In this regard, continuously authenticating users who are accessing corporate resources helps maintain trust in distributed IT environments. Many businesses tend to implement OOB authentication via SMS texts. X.509 Authentication.
Krebs on Security
AUGUST 1, 2018
What’s interesting about the incident is that it showcases once again why relying on mobile text messages (SMS) for two-factor authentication (2FA) can lull companies and end users into a false sense of security. Of particular note is that although the Reddit employee accounts tied to the breach were protected by SMS-based two-factor authentication, the intruder(s) managed to intercept that second factor. APP-BASED AUTHENTICATION.
Data Breach Today
APRIL 1, 2019
Tim Bedard of OneSpan answers this question in his analysis of ISMG's new State of Adaptive Authentication in Banking survey OneSpan's Tim Bedard Analyzes New Banking Security Survey How well can banking institutions apply the right amount of security to the right transactions at the right time?
WIRED Threat Level
MAY 9, 2021
The tech giant wants to push its billions of users—and the rest of the industry—to enable multifactor authentication by default. Security Security / Security News
Data Breach Today
SEPTEMBER 13, 2019
14 deadline for compliance with the new PSD2 "strong customer authentication" requirements for electronic payments, it may take a while for European consumers to notice authentication changes Banks, Merchants, Processors Struggling to Comply With Mandate Because banks, fintech firms, merchants and payments processors in the EU have struggled to meet the Sept.
Data Breach Today
MARCH 8, 2021
CyberEdBoard Executive Members, Bernardo Vasquez and Rob Hornbuckle, guest speak on panel at ISMG Identity & Access Management Virtual Cybersecurity Summit
Data Breach Today
MARCH 26, 2019
Nok Nok Lab's Philip Dunkelberger on Why Traditional Authentication Won't Work With the advent of the internet of things, authentication needs to be far more scalable, says Phillip Dunkelberger, CEO of Nok Nok Labs
HID Global
JULY 19, 2021
Hospital Future Act (KHZG) & Biometric Authentication. mzillig. Mon, 07/19/2021 - 09:20
Data Breach Today
NOVEMBER 19, 2018
Database Blunder Left Two-Step Codes, Account Reset Links Exposed A database security blunder revealed on Friday serves as a reminder that the days of SMS-based authentication should be over. The exposed database, which wasn't protected by a password, contained 26 million text messages, many of which were two-step verification codes and account-reset links
The Last Watchdog
MAY 26, 2020
Doing authentication well is vital for any company in the throes of digital transformation. Related: Locking down ‘machine identities’ At the moment, companies are being confronted with a two-pronged friction challenge, when it comes to authentication.
Data Breach Today
NOVEMBER 6, 2018
Shane Weeden, and authentication expert with IBM Security, discusses the future of authentication and why he's encouraged by the FIDO2 initiative As we approach 2019, is it realistic to think the end of our dependency on traditional user names and passwords is in sight?
Let's personalize your content