CISA: Use Signal or other secure communications app

In the wake of the widespread compromise of US telecom giants’ networks by Chinese hackers and the FBI advising Americans to use end-to-end encrypted communications, CISA is advising “highly targeted individuals” – senior govern… Continue reading CISA: Use Signal or other secure communications app

Faraway Russian hackers breached US organization via Wi-Fi

Forest Blizzard, a threat group associated with Russia’s GRU military intelligence service, repeatedly breached a US-based organization via compromised computer systems of nearby firms, which they leveraged to authenticate to the target’s e… Continue reading Faraway Russian hackers breached US organization via Wi-Fi

Iranian hackers are going after critical infrastructure sector passwords, agencies caution

An international advisory says that the purpose of the “brute force” attacks is to sell the info to cybercrime forums.

The post Iranian hackers are going after critical infrastructure sector passwords, agencies caution appeared first on CyberScoop.

Continue reading Iranian hackers are going after critical infrastructure sector passwords, agencies caution

How hybrid workforces are reshaping authentication strategies

In this Help Net Security interview, Brian Pontarelli, CEO at FusionAuth, discusses the evolving authentication challenges posed by the rise of hybrid and remote workforces. He advocates for zero trust strategies, including MFA and behavioral biometric… Continue reading How hybrid workforces are reshaping authentication strategies

Vulnerability allows Yubico security keys to be cloned

Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys and modules that may allow attackers to clone the devices. But the news is not as catastrophic as it may seem at first glance. “The attacker … Continue reading Vulnerability allows Yubico security keys to be cloned