How Does Passwordless Authentication Work?

April 8th, 2019 | Categories: Articles

What is Passwordless Authentication? Passwordless authentication is any method of verifying the identity of a user that does not require the user to provide a password. Instead of passwords, proof of identity can be done based on possession of something that uniquely identifies the user (e.g. a one-time password generator, a registered mobile device, or a hardware token), or the user’s [...]

Password Spraying – The Citrix Breach

March 18th, 2019 | Categories: Articles

On March 8, Citrix posted a statement confirming that the company's internal network had been breached. Citrix became aware of the attack a couple of days earlier when the FBI advised that they had reason to believe that cyber criminals gained access to Citrix’s internal network. Cybersecurity firm Resecurity claimed it had alerted Citrix to the attack as early as December [...]

How stolen passwords are damaging the cybersecurity industry

February 21st, 2019 | Categories: Articles

On February 14, dating site Coffee Meets Bagel sent an email to its users, informing them that an unauthorized party may have gained access to their data. This is not the kind of Valentine’s Day message you would expect from a website that is supposed to help you find love. Coffee Meets Bagel was part of a bundle of online services whose stolen [...]

Big Credential Breaches

February 12th, 2019 | Categories: Articles

In today’s digital threat landscape, large-scale information compromise is no longer big news. Averaging one a month, hackers have consistently managed to execute major breaches against organizations the world over, resulting in millions of compromised identities. But the sheer scale of the most recent mega breach makes it something unique. Dubbed Collection #1 by its discoverer Troy Hunt, the breach amounts [...]

Establishing strong authentication for PSD2

January 31st, 2019 | Categories: Articles

September 14, 2019 will mark a milestone date for the online payment industry. That’s when the Strong Customer Authentication (SCA) regulation will come into effect. As part of the Revised Payment Service Directive (PSD2), SCA imposes stricter security rules on payment service providers to protect customers and merchants against the mounting threat of online fraud. Whether you’re running a business that [...]

Preventing Corporate Account Takeover (CATO)

January 14th, 2019 | Categories: Articles

Businesses of all types and sizes present attractive targets for today’s cybercriminals. This is due to the simple fact that user accounts attached to organizations tend to give access to more assets than private ones. As the sophistication of cyber criminals has increased, the threat of the Corporate Account Takeover (CATO) has grown in tandem. For years, incidents of CATO have, [...]

Password-Based Authentication: Vulnerabilities And Alternative Solutions

December 5th, 2018 | Categories: Articles

The password has been the staple of authentication for years. While passwords are still very much a part of our information technology landscape, they have been on the decline for more than a decade. “There is no doubt that over time, people are going to rely less and less on passwords,” adding that passwords “just don’t meet the challenge for anything [...]

Credential Stuffing – HSBC Case Study

November 26th, 2018 | Categories: Articles

Earlier this month, HSBC Bank, one of the seven largest financial organizations in the world, issued a warning to its customers that their personal information may have been compromised in a recent data breach. HSBC officials say the breach appeared to run from the 4th through the 14th of October. After spotting the breach, the bank announced that it had "suspended [...]

California Weak Password Ban

October 10th, 2018 | Categories: Articles

In new legislation, California decided to ban easy-to-guess default passwords. The bill, entitled SB-327, or Information Privacy: Connected Devices, demands that electronics manufacturers in California equip their products with "reasonable" security features. What does this mean practically for users? All those generic passwords such as “Admin” and “Password” will be prohibited. Starting 2020 when the law comes into effect, [...]

The Ultimate Guide to Man in the Middle (MITM) Attacks and How to Prevent them

October 8th, 2018 | Categories: Articles

In the realm of protecting digital information, a man-in-the-middle (MITM) attack is one of the worst things that can happen to an individual or organization. MITM attacks happen when an unauthorized actor manages to intercept and decipher communications between two parties and monitors or manipulates the exchanged information for malicious purposes. For instance, hackers can stage MITM attacks to steal sensitive [...]

Certificates and Inherit Trust

September 23rd, 2018 | Categories: Articles

On the Octopus Blog, we’ve delved quite a bit into the vulnerabilities of contemporary encryption standards. The system of Public Key Infrastructure (PKI), which forms the basis of most of the world's authentication platforms, while presenting a powerful, easy-to-use encryption model, still left several holes through which attackers can breach networks and steal identities. Perhaps the single biggest problem [...]

What a Government Security Audit Teaches us About Password Vulnerabilities

September 3rd, 2018 | Categories: Articles

Security firms and experts constantly encourage companies and organizations to enforce strong password policies to prevent the accounts of their employees and users from getting hacked. But what happens when an organization does enforce password policies? Employees knowingly find workarounds and continue to choose weak passwords that conform to those policies. At least that’s what a recent audit of 17 Western [...]

SamSam Ransomware: The Enemy of Weak Passwords

August 8th, 2018 | Categories: Articles

In recent years, ransomware attacks have become a rampant threat. 2017 saw some of the most destructive waves of ransomware attacks across the world. The most notable of these attacks was the WannaCry outbreak in May, which infected hundreds of thousands of computers in more than 150 countries in the span of a few days. A month later, the NotPetya ransomware [...]
