More results...
In this Help Net Security interview, Tomasz Kowalski, CEO at Secfense emphasizes the significance of multi-factor authentication in the corporate landscape, highlights the use of microauthorizations to improve the security of protected applications, an…
Jenny Blessing and Ross Anderson have evaluated the security of systems designed to allow the various Internet messaging platforms to interoperate with each other:
The Digital Markets Act ruled that users on different platforms should be able to exchange messages with each other. This opens up a real Pandora’s box. How will the networks manage keys, authenticate users, and moderate content? How much metadata will have to be shared, and how?
In our latest paper, One Protocol to Rule Them All? On Securing Interoperable Messaging, we explore the security tensions, the conflicts of interest, the usability traps, and the likely consequences for individual and institutional behaviour…
My mother is 67 years old. She is a brilliant woman, educated and not at all afraid of technology. Yet, when I tried to get her to install Google Authenticator and use multi-factor authentication (MFA) for logging into applications, she found herself s…
In this Help Net Security video, Liudas Kanapienis, CEO of Ondato, discusses the impact of AI on the future of ID verification and how it is transforming the way identities are being verified.
The post The impact of AI on the future of ID verification …
Today, phishing is the fastest growing Internet crime, and a threat to both consumers and businesses. Finance, technology, and telecom brands were the most commonly impersonated industries, notably for the unprecedented access and financial benefit tha…
Passwords are still the weakest link in an organization’s network, as proven by the analysis of over 800 million breached passwords, according to Specops Software. The study found 88% of passwords used in successful attacks consisted of 12 charac…
Starting March 13, GitHub will gradually introduce the 2FA enrollment requirement to groups of developers and administrators, beginning with smaller groups. This measured approach allows the platform to ensure successful onboarding and make necessary a…
A reporter used an AI synthesis of his own voice to fool the voice authentication system for Lloyd’s Bank.
Twitter has recently announced a change that baffled many users previously using SMS-based two-factor authentication…
Twitter Restricts SMS-based 2FA To Twitter Blue Users – Other 2FA Will Work on Latest Hacking News | Cyber Security News, Hackin…
A group of Swiss researchers have published an impressive security analysis of Threema.
We provide an extensive cryptographic analysis of Threema, a Swiss-based encrypted messaging application with more than 10 million users and 7000 corporate customers. We present seven different attacks against the protocol in three different threat models. As one example, we present a cross-protocol attack which breaks authentication in Threema and which exploits the lack of proper key separation between different sub-protocols. As another, we demonstrate a compression-based side-channel attack that recovers users’ long-term private keys through observation of the size of Threema encrypted back-ups. We discuss remediations for our attacks and draw three wider lessons for developers of secure protocols…