Authenticating Humans While Removing the Human Factor

By |May 16th, 2019|Categories: Articles|Tags: , |

We’ve all seen the classic hacker movie set-up. A master cyber criminal breaks into a network using his superior skills and top notch equipment. This is the type of story that’s really fun to watch. But it’s also science fiction. In the real world hackers usually don’t orchestrate elaborate hacks to penetrate systems. They aim to steal credentials. Why hack when [...]

What Passwordless Authentication Prevents?

By |May 1st, 2019|Categories: Articles|Tags: , , , |

If we could sum up our message at Secret Double Octopus, it would be that password authentication is outdated and dangerous. While the general risks of weak authentication are well known, often users don’t quite understand the full implications of this threat. We therefore decided to use this post to provide a more comprehensive overview of all the vulnerabilities of passwords--and [...]

Password Mangers Vs. Passwordless Authentication

By |April 24th, 2019|Categories: Articles|Tags: , , |

Password management apps have become a common tool for both the individual consumer and businesses. On the surface, the attraction of these platforms is understandable. Password managers provide easy solutions for many of the tasks that go into keeping a handle on login credentials, from managing passwords for different accounts to sharing options between users. While the adoption of password managers [...]

How Does Passwordless Authentication Work?

By |April 8th, 2019|Categories: Articles|Tags: , , , |

What is Passwordless Authentication? Passwordless authentication is any method of verifying the identity of a user that does not require the user to provide a password. Instead of passwords, proof of identity can be done based on possession of something that uniquely identifies the user (e.g. a one-time password generator, a registered mobile device, or a hardware token), or the user’s [...]

Password Spraying – The Citrix Breach

By |March 18th, 2019|Categories: Articles|Tags: , |

On March 8, Citrix posted a statement confirming that the company's internal network had been breached. Citrix became aware of the attack a couple of days earlier when the FBI advised that they had reason to believe that cyber criminals gained access to Citrix’s internal network. Cybersecurity firm Resecurity claimed it had alerted Citrix to the attack as early as December [...]

How stolen passwords are damaging the cybersecurity industry

By |February 21st, 2019|Categories: Articles|Tags: , , |

On February 14, dating site Coffee Meets Bagel sent an email to its users, informing them that an unauthorized party may have gained access to their data. This is not the kind of Valentine’s Day message you would expect from a website that is supposed to help you find love. Coffee Meets Bagel was part of bundle online services whose stolen [...]

Big Credential Breaches

By |February 12th, 2019|Categories: Articles|Tags: , |

In today’s digital threat landscape, large-scale information compromise is no longer big news. Averaging one a month, hackers have consistently managed to execute major breaches against organizations the world over, resulting in millions of compromised identities But the sheer scale of the most recent mega breach makes it something unique. Dubbed Collection #1 by its discoverer Troy Hunt, the breach amounts [...]

Establishing strong authentication for PSD2

By |January 31st, 2019|Categories: Articles|Tags: , , , , |

September 14, 2019 will mark a milestone date for the online payment industry. That’s when the Strong Customer Authentication (SCA) regulation will come into effect. As part of the Revised Payment Service Directive (PSD2), SCA imposes stricter security rules on payment service providers to protect customers and merchants against the mounting threat of online fraud. Whether you’re running a business that [...]

Preventing Corporate Account Takeover (CATO)

By |January 14th, 2019|Categories: Articles|Tags: , , |

Businesses of all types and sizes present attractive targets for today’s cybercriminals. This is due to the simple fact that user accounts attached to organizations tend to give access to more assets than private ones. As the sophistication of cyber criminals has increased, the threat of the Corporate Account Takeover (CATO) has grown in tandem. For years, incidents of CATO have, [...]

Password- Based Authentication: Vulnerabilities And Alternative Solutions

By |December 5th, 2018|Categories: Articles|Tags: , , , , , |

The password has been the staple of authentication for years. While passwords are still very much a part of our information technology landscape, they have been on the decline for more than a decade. “There is no doubt that over time, people are going to rely less and less on passwords,” adding that passwords “just don’t meet the challenge for anything [...]

Credential Stuffing – HSBC Case Study

By |November 26th, 2018|Categories: Articles|Tags: , , |

Earlier this month, HSBC Bank, one of the seven largest financial organizations in the world, issued a warning to its customers that their personal information may have been compromised in a recent data breach. HSBC officials say the breach appeared to run from the 4th through the 14th of October. After spotting the breach, the bank announced that it had "suspended [...]

California Weak Password Ban

By |October 10th, 2018|Categories: Articles|Tags: , , |

In new legislation, California decided to ban easy to guess, default passwords. The bill entitled SB-327, or Information Privacy: Connected Devices demands that electronics manufacturers in California equip their products with "reasonable" security features. What does this mean practically for users? All those generic passwords such as “Admin” and “Password” will be prohibited. Starting 2020 when the law comes into effect, [...]

The Ultimate Guide to Man in the Middle (MITM) Attacks and How to Prevent them

By |October 8th, 2018|Categories: Articles|Tags: , , |

In the realm on protecting digital information, a man-in-the-middle (MITM) attack is one of the worst things that can happen to an individual or organization. MITM attacks happen when an unauthorized actor manages to intercept and decipher communications between two parties and monitors or manipulates the exchanged information for malicious purposes. For instance, hackers can stage MITM attacks to steal sensitive [...]

Howdy,
Search exact
Search sentence
Buy Premium Version to add more powerful tools to this place. https://wpclever.net/downloads/wp-admin-smart-search