Attackers can bypass password checks in applications that use Bouncy Castle’s OpenBSDBcrypt class because of recently discovered cryptographic mistakes in the widely used encryption library. The authentication bypass vulnerability (CVE-2020-28052) was discovered...
Always-on virtual assistants including Amazon Alexa are enabling side-channel attacks to be taken to the next level. Smart speaker-enabled smart devices can infer a surprisingly large amount of...
Internet technologist Jim Fenton has questioned the assertion that the future is necessarily ‘passwordless’. Many new authentication technologies are advertising themselves as passwordless. This an attractive promise to...
Recent Comments