HackDig : Dig high-quality web security articles for hacker

The More Authentication Methods, the Merrier

An Increasingly Diverse, Dynamic Workforce Is Driving Dramatic Change in How Users AuthenticateRemember when being part of an organization’s workforce meant being an employee of that organization, and being “at work” meant sitting in an office at a desktop? In today’s digital age, the latter hasn’t been the case for many people for quite a long time, and in
Publish At:2020-01-24 12:00 | Read:136 | Comments:0 | Tags:INDUSTRY INSIGHTS Identity & Access

Microsoft Exposed 250 Million Customer Support Records

Nearly 250 million Microsoft Customer Service and Support (CSS) records were found exposed to the Internet in five insecure Elasticsearch databases, Comparitech reports.The records on those servers contained 14 years’ worth of logs of conversations between support agents and customers, all of which could be accessed by anyone directly from a browser, without
Publish At:2020-01-22 10:15 | Read:152 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access Cloud Security Dat

Source Code Released for All ProtonVPN Apps

Proton Technologies, the company best known for its privacy-focused email service ProtonMail, this week announced that the source code for all of its ProtonVPN virtual private network (VPN) applications has been made public after each app underwent independent security audits.The source code for the Android, iOS, macOS and Windows versions of ProtonVPN are n
Publish At:2020-01-22 10:15 | Read:133 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Audits Compliance Identity &

Facebook Introduces New Login Alerts

Facebook this week introduced a new notification to alert users when their accounts interact with a third-party application using Facebook Login.Dubbed “Login Notifications,” the new feature is meant to provide users with increased control over their data, the social platform says. The Login Notifications are triggered when a user logs into a third-part
Publish At:2020-01-16 22:15 | Read:119 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access

Many High-Risk Users Have Bad Security Habits: Google Survey

High-risk users are aware that they are more likely to be targeted by hackers compared to the general population, but many of them still have bad security habits, a Google survey shows.High-risk user groups include business executives, politicians and their staff, activists, journalists and online influencers. Individuals in these categories are more likely
Publish At:2020-01-16 22:15 | Read:255 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access Risk Management Ma

Trusona Raises $20 Million in Series C Funding Round

Passwordless multi-factor authentication technology provider Trusona this week announced it has raised $20 million as part of a Series C funding round led by Georgian Partners.Scottsdale, Arizona-based Trusona was founded in 2015 by Ori Eisen, who also acts as CEO. The company’s platform is used by organizations in the financial services, healthcare, higher
Publish At:2020-01-15 22:15 | Read:194 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access Management & S

Google Simplifies Enrollment Process for Advanced Protection Program

Google announced on Wednesday that it has simplified the enrollment process for its Advanced Protection Program and it now allows users to activate a security key on their iPhone.Google’s Advanced Protection Program (APP) is designed to help high-risk users add an extra layer of protection to their account through the use of security keys.High-risk users are
Publish At:2020-01-15 22:15 | Read:193 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Identity & Access Ri

Major U.S. Mobile Carriers Vulnerable to SIM Swapping Attacks

Weak security measures in place at several major wireless carriers in the United States make it easy for attackers to perform SIM swap attacks on prepaid mobile accounts, a recent study found.In a SIM swapping attack, social engineering is used to convince a wireless services provider to hand over control of the victim’s phone number by modifying the SIM car
Publish At:2020-01-14 22:15 | Read:362 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Identity & Access

Half Protected is Half Empty, Not Half Full

Threat actors tend to focus on the human element as the weakest link in the cyber-attack chain, often using stolen, weak, default, or otherwise compromised credentials to gain access to their victim’s environment. From there, then typically move laterally to exfiltrate sensitive data they can monetize. There are endless examples for this tactic, ranging from
Publish At:2020-01-08 22:15 | Read:181 | Comments:0 | Tags:INDUSTRY INSIGHTS Identity & Access

Facebook, Samsung, Ring Unveil New Privacy, Security Tools at CES 2020

Facebook, Samsung and Ring have unveiled new or improved privacy and security tools at the 2020 CES consumer electronics show taking place this week in Las Vegas.Facebook announced a revamped version of Privacy Checkup, a tool launched in 2014 in an effort to make it easier for users to manage the information they share on the social media network.The improv
Publish At:2020-01-07 12:00 | Read:180 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Application Security Compliance

Evolution of OpenSSL Security After Heartbleed

OpenSSL has evolved a great deal in terms of security since the disclosure of the Heartbleed vulnerability back in 2014.OpenSSL, an open source library that implements the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols, is widely used by organizations to protect communications.In April 2014, the world learned that OpenSSL was affecte
Publish At:2019-12-26 10:15 | Read:446 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Audits Identity & Access Sec

Data of Honda Owners in North America Exposed Online

An Elasticsearch cluster containing information on Honda owners in North America was recently found to be accessible from the Internet without any authentication.Discovered on December 11, 2019, by security researcher Bob Diachenko, the database was part of Honda North America infrastructure and it contained 976 million records.Of these, around 1 million rec
Publish At:2019-12-23 10:16 | Read:341 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access Cloud Security Dat

Massive Errors Found in Facial Recognition Tech: US Study

Facial recognition systems can produce wildly inaccurate results, especially for non-whites, according to a US government study released Thursday that is likely to raise fresh doubts on deployment of the artificial intelligence technology.The study of dozens of facial recognition algorithms showed "false positives" rates for Asian and African American as muc
Publish At:2019-12-20 10:15 | Read:187 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access

Google to Ban Less Secure Apps in G Suite

Google this week announced plans to turn off access to G Suite account data for less secure apps (LSAs), as they represent a potential security risk for users.LSAs are non-Google apps that have been granted access to Google accounts, but which only employ a username and password for login. Thus, they make accounts more vulnerable to hijacking attempts, unlik
Publish At:2019-12-17 10:15 | Read:498 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Identity & Acce

OPSWAT Acquires Network Access Control Provider Impulse

Critical infrastructure protection company OPSWAT has acquired Network Access Control (NAC) and Software Defined Perimeter (SDP) solutions provider Impulse.OPSWAT helps organizations implement processes to ensure that files and devices are securely transferred to and from critical networks. The company says it provides services to over 98% of U.S. nuclear po
Publish At:2019-12-15 12:00 | Read:294 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Identity & Access M


Share high-quality web security related articles with you:)


Tag Cloud