Caffeine junkies are up in arms over reports that criminals have been targeting their Starbucks account balances. But the real story is poor password-picking practices by consumers, and Starbucks' lack of multi-factor authentication.
What is the Identity Ecosystem Framework, and why is it so important for security professionals to embrace? Kimberly Little Sutherland of LexisNexis Risk Solutions shares insights on the future of online identity.
Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.
During her first month on the job, former Secretary of State Hillary Clinton used a private email server that lacked a digital certificate that would have ensured encrypted and authenticated email communications, surmises security firm Venafi.
The White House Summit on Cybersecurity and Consumer Protection late last week served as the stage for more than a dozen companies and trade groups to announce new initiatives aimed at securing Internet transactions and payments and reducing fraud.
Even a few weeks after the RBI announced its plan to consider removal of the two-factor authentication requirement for small-value transactions, security critics continue to react strongly against the notion.
In the wake of an "inebriated" government employee crashing a drone on the White House lawn, federal officials sound warnings over the potential weaponization of consumer drones. But is it anything more than a Hollywood-style movie plot?
The increase in sophisticated hacking attacks will lead other sectors to follow the lead of the financial services industry in implementing multifactor authentication, says Ken Hunt, CEO of VASCO Data Security International.
The Reserve Bank of India is considering removal of its two-factor authentication requirement for small-value transactions. The goal: to facilitate easier transactions. But security experts fear the move may actually increase fraud.
Security experts see the FIDO Alliance's release of two universal authentication specifications as a positive move in the effort to eliminate passwords. But the standards' impact will be minimal unless they're widely adopted.
A recent blog post by Managing Editor Mathew J. Schwartz, "Why Are We So Stupid About Passwords?" raised a number of issues about the ongoing risks involved in using passwords for authentication. Read the strong reaction to the commentary and join the conversation.