Vulnerability allows Yubico security keys to be cloned

Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys and modules that may allow attackers to clone the devices. But the news is not as catastrophic as it may seem at first glance. “The attacker … Continue reading Vulnerability allows Yubico security keys to be cloned

Google Releases Security Key Implementation Resilient to Quantum Attacks

Google has released the first quantum-resilient FIDO2 security key implementation as part of its OpenSK project.
The post Google Releases Security Key Implementation Resilient to Quantum Attacks appeared first on SecurityWeek.
Continue reading Google Releases Security Key Implementation Resilient to Quantum Attacks

Apple delivers belated zero-day patch for iOS v12 (CVE-2022-42856)

Apple has released security updates for macOS, iOS, iPadOS and watchOS, patching – among other things – a type confusion flaw in the WebKit component (CVE-2022-42856) that could be exploited for remote code execution on older iPhones and iP… Continue reading Apple delivers belated zero-day patch for iOS v12 (CVE-2022-42856)

Using the random motion of electrons to improve cybersecurity

In October 2017, Yahoo! disclosed a data breach that had leaked sensitive information of over 3 billion user accounts, exposing them to identity theft. The company had to force all affected users to change passwords and re-encrypt their credentials. In… Continue reading Using the random motion of electrons to improve cybersecurity

How do I select a hardware security module for my business?

Protecting your data has never been more important, and the best way to do it is by using encryption keys. These keys should then be stored inside a hardware security module which secures and manages them. To select a suitable hardware security module … Continue reading How do I select a hardware security module for my business?

Platform or roaming FIDO2 authenticators: Which one is right for your workforce?

One of the main criticisms of any advanced authentication system is usability. In FIDO2 multi-factor authentication (MFA), platform authenticators aim to be the answer to our usability woes, but do they improve the user experience and are they enterpri… Continue reading Platform or roaming FIDO2 authenticators: Which one is right for your workforce?

Researchers design a way to make encrypted keys harder to crack

As more private data is stored and shared digitally, researchers are exploring new ways to protect data against attacks from bad actors. Current silicon technology exploits microscopic differences between computing components to create secure keys, but… Continue reading Researchers design a way to make encrypted keys harder to crack

Make your own security key with Google’s OpenSK

Google has open-sourced OpenSK, firmware that, combined with an affordable chip dongle, allows you to make your own security key to use for authentication purposes. About OpenSK OpenSK isan open-source implementation for security keys that supports bot… Continue reading Make your own security key with Google’s OpenSK