Lucene search
+L

102 matches found

thn
thn
added 2024/09/20 5:33 a.m.15 views

Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices. "This PIN adds an additional layer of security to ensure your passkeys are end-to-end encrypted and can't be accessed by anyone, not even...

7AI score
Exploits0
thn
thn
added 2024/07/10 10:6 a.m.19 views

Google Adds Passkeys to Advanced Protection Program for High-Risk Users

Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program APP. "Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account," Shuvo Chatterjee, product lead of APP, said...

6.7AI score
Exploits0
thn
thn
added 2024/05/30 6:52 a.m.12 views

Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud

Okta is warning that a cross-origin authentication feature in Customer Identity Cloud CIC is susceptible to credential stuffing attacks orchestrated by threat actors. "We observed that the endpoints used to support the cross-origin authentication feature being attacked via credential stuffing for...

7.6AI score
Exploits0
malwarebytes
malwarebytes
added 2024/05/16 11:45 a.m.15 views

Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it

More and more websites and services are making multi-factor-authentication MFA mandatory, which makes it much harder for cybercriminals to access your accounts. Thats a great thing. But as security evolves, so do cybercriminals who are always looking for new ways to scam us. A type of phishing we...

7.5AI score
Exploits0
thn
thn
added 2024/05/03 6:40 a.m.19 views

Google Announces Passkeys Adopted by Over 400 Million Accounts

Google on Thursday announced that passkeys are being used by over 400 million Google accounts, authenticating users more than 1 billion times over the past two years. "Passkeys are easy to use and phishing resistant, only relying on a fingerprint, face scan or a pin making them 50% faster than...

6.9AI score
Exploits0
mssecure
mssecure
added 2024/05/02 1:0 p.m.22 views

Microsoft introduces passkeys for consumer accounts

Ten years ago, Microsoft envisioned a bold future: a world free of passwords. Every year, we celebrate World Password Day by updating you on our progress toward eliminating passwords for good. Today, we’re announcing passkey support for Microsoft consumer accounts, the next step toward our vision...

7.2AI score
Exploits0
spring
spring
added 2024/04/26 12:0 a.m.13 views

A Bootiful Podcast: Daniel Garnier-Moiroux on Passkeys and Spring Security

Hi, Spring fans! In this installment, I talk to my friend and colleague Daniel Garnier-Moiroux about the amazing awesome implications of passkeys in a Spring Security application...

7.1AI score
Exploits0
schneier
schneier
added 2024/02/12 4:49 p.m.15 views

On Passkey Usability

Matt Burgess tries to only use passkeys. The results are mixed...

7.3AI score
Exploits0
wired
wired
added 2024/02/08 12:0 p.m.19 views

I Stopped Using Passwords. It's Great—and a Total Mess

Passkeys are here to replace passwords. When they work, it’s a seamless vision of the future. But don’t ditch your old logins just yet...

7.2AI score
Exploits0
malwarebytes
malwarebytes
added 2023/12/12 11:39 a.m.15 views

The sound of you typing on your keyboard could reveal your password

As if password authentications coffin needed any more nails, researchers in the UK have discovered yet another way to hammer one in. The technique, developed at Durham University, the University of Surrey, and Royal Holloway University of London, builds on previous work to produce a more accurate...

7AI score
Exploits0
malwarebytes
malwarebytes
added 2023/12/12 11:39 a.m.18 views

The sound of you typing on your keyboard could reveal your password

As if password authentications coffin needed any more nails, researchers in the UK have discovered yet another way to hammer one in. The technique, developed at Durham University, the University of Surrey, and Royal Holloway University of London, builds on previous work to produce a more accurate...

7AI score
Exploits0
malwarebytes
malwarebytes
added 2023/11/29 10:41 p.m.13 views

Many major websites allow users to have weak passwords

A new study that examines the current state of password policies across the internet shows that many of the most popular websites allow users to create weak passwords. For the Georgia Tech study, the researchers designed an algorithm that automatically determined a website’s password policy. With...

7.7AI score
Exploits0
wired
wired
added 2023/11/15 6:15 p.m.17 views

Google’s New Titan Security Key Adds Another Piece to the Password-Killing Puzzle

The new generation of hardware authentication key includes support for cryptographic passkeys as Google pushes adoption of the more secure login alternative...

7.5AI score
Exploits0
malwarebytes
malwarebytes
added 2023/10/27 5:11 a.m.100 views

Update now! Apple patches a raft of vulnerabilities

Apple has released security updates for its phones, iPads, Macs, watches and TVs. Updates are available for these products: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th...

6.8CVSS8.8AI score0.51517EPSS
Exploits5
osv
osv
added 2023/10/25 7:15 p.m.6 views

CVE-2023-42847

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An attacker may be able to access passkeys without authentication...

7.5CVSS5.7AI score0.00867EPSS
Exploits0References6
osv
osv
added 2023/10/25 7:15 p.m.5 views

CVE-2023-40401

The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.6.1. An attacker may be able to access passkeys without authentication...

7.5CVSS5.7AI score0.00989EPSS
Exploits0References6
prion
prion
added 2023/10/25 7:15 p.m.23 views

Authentication flaw

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An attacker may be able to access passkeys without authentication...

5CVSS6.5AI score0.00867EPSS
Exploits0References6Affected Software3
prion
prion
added 2023/10/25 7:15 p.m.12 views

Authentication flaw

The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.6.1. An attacker may be able to access passkeys without authentication...

5CVSS6.6AI score0.00989EPSS
Exploits0References6Affected Software1
cve
cve
added 2023/10/25 6:31 p.m.270 views

CVE-2023-40401

CVE-2023-40401 affects macOS Ventura prior to the 13.6.1 security update. The issue, tracked under Passkeys, could allow an attacker to access passkeys without authentication. Apple fixed this in macOS Ventura 13.6.1 by adding permissions checks. The NVD assigns a CVSS v3.1 base score of 7.5 (Hig...

7.5CVSS6.5AI score0.00989EPSS
Exploits0References6Affected Software1
cvelist
cvelist
added 2023/10/25 6:31 p.m.25 views

CVE-2023-40401

The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.6.1. An attacker may be able to access passkeys without authentication...

7AI score0.00989EPSS
Exploits0References6
Rows per page
Query Builder