Web Authentication and Access Control
- September 16, 2015
A new report details how attackers can fly under the radar by using stolen credentials in order to avoid breach detection and forgoing the use of malware in malicious activity.
- June 11, 2015
Agencies from U.S. and U.K. governments now support the FIDO Alliance and its open standards for passwordless authentication.
- March 25, 2015
Google, Microsoft, and Mozilla have revoked unauthorized TLS certificates issued by an intermediate certificate authority that could have been used in man-in-the-middle attacks.
- March 11, 2015
A growing number of cryptographic keys and security certificates are being abused, according to a new study from cybersecurity firm Venafi and the Ponemon Institute.
- December 09, 2014
Amid growing fears of stolen credentials and data breaches, the FIDO Alliance released its long-awaited 1.0 specifications for passwordless and multifactor authentication systems.
- September 08, 2014
Data from McAfee shows many organizations have yet to fully patch the Heartbleed vulnerability, and as many as 300,000 websites remain at risk.
- August 08, 2014
News roundup: When a breach occurs, it's common practice to share the information with victims -- both the users and the companies involved. However, Hold Security's billion-password hack disclosure hasn't followed standard procedure.
- June 05, 2014
Despite the popularity of SAML, the mobile and cloud benefits of OpenID Connect may spur adoption as an enterprise authentication platform.
- December 15, 2011
Following a breach to a GlobalSign Web server, an extensive investigation found no evidence of an infiltration of its digital certificate infrastructure and no leakage of its certificate keys.
- June 07, 2011
Following a retooling of its manufacturing and supply chain management processes, RSA plans to replace security tokens for high risk customers.
- August 30, 2010
CA said Arcot's software as a service delivery model could help accelerate its delivery of CA identity and access management technologies from the cloud.
- August 26, 2010
Hardware-based security is in use at some enterprises and gains in virtualization are predicted on the horizon, but the technology has seen slow adoption.
- April 20, 2010
Too many employees are given access to systems they don't need, according to a survey conducted by the Ponemon Institute.
- December 07, 2009
Cybercriminals target Yahoo and other hosting services using a new phishing campaign to hijack accounts and commit bank fraud.
- October 27, 2009
Identity management technologies are struggling to keep pace with constantly evolving nature of attacks, according to the Center for Applied Identity Management Research (CAIMR).