Authentication Tag

Google Unveils Major Update to Authenticator App with Cloud Sync Option.   In a major update to its Authenticator app, Google has added an account synchronisation option that allows users to back up their time-based one-time passwords (TOTPs) codes to the cloud.   The update, which also brings a new icon to the two-factor authenticator (2FA) app, finally brings it in line with Apple's iCloud Keychain and addresses a...

Read More

Single sign-on (SSO) is a widely-used authentication method that allows users to access multiple applications using just one set of credentials. It is considered the gold standard for security as it eliminates the need for users to remember multiple passwords and can be further secured with multi-factor authentication (MFA).   In fact, an estimated 61% of attacks stem from stolen credentials, and SSO reduces the attack surface...

Read More

Popular e-commerce plug-in, WooCommerce, used for WordPress-based online stores, has been found to contain a critical vulnerability that could allow attackers to take over websites.   While technical details about the vulnerability have not been published, the WooCommerce team has released updates, and attackers could reverse-engineer the patch. The vulnerability allows for unauthenticated administrative takeover of websites. Website administrators using this plugin are advised to issue the...

Read More

China-based cyberespionage actor DEV-0147 has been observed compromising diplomatic targets in South America, according to Microsoft’s Security Intelligence team. 

The initiative is “a notable expansion of the group’s data exfiltration operations that traditionally targeted gov’t agencies and think tanks in Asia and Europe,” the team tweeted on Monday. 

DEV-0147’s attacks in South America included post-exploitation activity involving the abuse of on-premises identity infrastructure for reconnaissance...

Read More

What is SSO?   Single sign-on (SSO) is a centralized session and user authentication service in which one set of login credentials can be used to access multiple applications. Its beauty is in its simplicity; the service authenticates you on one designated platform, enabling you to then use a variety of services without having to log in and out each time.   In the most common arrangement, the identity...

Read More