This week in security: Blast-RADIUS, Gitlab and Plormbing

The RADIUS authentication scheme, short for “Remote Authentication Dial-In User Service”, has been widely deployed for user authentication in a variety of scenarios. It’s a bit strange, because individual users authenticate to a “RADIUS Client”, sometimes also called a Network Access Server (NAS). In response to an authentication request, a NAS packages the authentication data … Read more

Microsoft has instructed employees in China to only use iPhones due to security risks

Microsoft will require its employees in China to only use iPhones because of improved security features. The move comes as Microsoft is undertaking a major cybersecurity overhaul. The project, known internally as the Secure Future Initiative, comes after Microsoft came under fire for its substandard security practices. Microsoft’s new policy, which goes into effect in … Read more

Network operators and UK ISPs warned about BlastRADIUS vulnerability

A new, serious vulnerability has been discovered in the popular network authentication protocol RADIUS. This protocol is used by networks around the world to help users connect to their services (from broadband ISPs to VPNs, mobile operators and more). It could expose users to Man-in-the-Middle (MitM) attacks. The vulnerability, which has been given the name … Read more

NHS cyber security: Former security chief warns of future attacks – BBC News

By Guy Lynn and Stephen Menon, BBC Investigations, London (@guy_lynn). July 8, 2024, 01:18 BST. Ciaran Martin, former head of the National Cyber Security Centre, said the hack was “one of the most serious cyber incidents in British history”. A leading cyber security … Read more

This week in security: hide your SSH, Polyfill and pack it

The big news this week was that OpenSSH has an unauthenticated Remote Code Execution exploit. Or more precisely, it had one that was fixed in 2006, which was inadvertently reintroduced in 2021’s 8.5p1. The flaw is a signal handler race condition, where async-signal-unsafe code is called from the SIGALRM handler. What does that mean? To … Read more

New Security Alert: Hacker Uploads 10 Billion Stolen Passwords to Crime Forum

The world’s largest collection of stolen passwords has been uploaded to a notorious criminal marketplace where cybercriminals trade such credentials. A hacker using the name “ObamaCare” has posted a database of nearly 10 billion unique passwords believed to have been collected from numerous data breaches and hacks … Read more

Traeger security bugs are bad news for neighbor-friendly beef grillers

Keen hackers better hope they didn’t upset any cybersecurity folks by updating their Traeger grills, because a new, very serious vulnerability could be used for all sorts of crazy things. With summer in full swing in the Northern Hemisphere, that means BBQ season is right around the corner. And since Traeger is one of the … Read more