Atlassian has addressed a hardcoded credential flaw in Questions for Confluence and servlet filter bypasses in multiple other products. The Australian vendor of software development and collaboration tools...
Specops Software released new research finding cybersecurity weaknesses in business web apps including Shopify, Zendesk, Trello, and Stack Overflow. Amid a wave of cybersecurity incidents related...
Decentralized Identifiers (DID) is now an official web standard, according to a news release from the World Wide Web Consortium (W3C). DIDs are cryptographic digital identifiers not tied...
Security researchers claim to have uncovered serious security shortcomings in the systems of identity provider Okta. Identity and access management specialist Authomize went public with four supposed...
The English Premier League has introduced two-factor authentication (2FA) controls to its official Fantasy Premier League game (FPL), offering football fans the option to secure their accounts. The...
It is possible to perform single-click account hijacking by abusing the OAuth process flow, a security researcher has found. OAuth, also known as Open Authentication, is...
SMB owners across the globe are still relying only on usernames and passwords to secure critical employee, customer, and partner data, according to the Global Small...
The W3C consortium has decided to move forward a specification for Decentralized Identifiers (DID) to W3C Recommendation status, despite objections from several prominent members of the...
Fewer than half of small and medium-sized businesses are using multi-factor authentication (MFA) to secure critical data, according to new research. The Cyber Readiness Institute’s Global Small Business Multi-Factor...
A clever, new phishing technique uses Microsoft Edge WebView2 applications to steal victim’s authentication cookies, allowing threat actors to bypass multi-factor authentication when logging into stolen...
Recent Comments