Statetechmagazine

Security Authentication Tokens Can Help Counter Government Cyberthreats

With no shortage of cybersecurity risks in state and local government, state CIOs expect enterprise identity and access management solution adoption or expansion to be the cybersecurity initiative ...
Homeland Security Today

NSA Advisory: Detecting Abuse of Authentication Mechanisms

Malicious cyber actors are abusing trust in federated authentication environments to access protected data. An “on premises” federated identity provider or single sign-on (SSO) system lets an ...
Biometric Update

NIST warns token security remains a critical weakness in cloud, federal systems

The report focuses on the cryptographic objects that modern systems use to authenticate users, devices, and software services ...
Bleeping Computer

Malicious PyPi package steals Discord auth tokens from devs

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system. The ...
Bleeping Computer

GitHub Actions artifacts found leaking auth tokens in popular projects

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD ...
TechRepublic

6 Best Multi-Factor Authentication (MFA) Solutions

Multi-factor authentication requires users to present two or more pieces of evidence to prove their identity, such as a password and a one-time code sent to an ...
IT Business Edge

Five Most Common Security Attacks on Two-Factor Authentication

Following some high-profile password hacks, companies like Apple, Twitter and Evernote have moved to shore up their systems with two-factor authentication. Said to be a great missing security link in ...