Security researchers recently published a paper detailing an attack they say can be used to bypass smartphone fingerprint authentication. Yiling He of China’s Zhejiang University and Yu Chen of Tencent Security’s Xuanwu Lab are calling the attack BrutePrint, which they say can be used to hijack fingerprint images. An attack like BrutePrint could present a…
SAML is an open standard facilitating the communication and verification of credentials between identity providers and service providers for users everywhere. In 2005, the open standard consortium OASIS released SAML 2.0 to broad appeal. As smart mobile devices boomed, so did the number of web applications and the need to address never-ending logins. SAML was…
IoT security is where endpoint detection and response (EDR) and enterprise mobility management (EMM) meet the challenges of a rapidly expanding edge computing infrastructure. As the enterprise attack surface grows, IoT is yet another attack vector organizations aren’t fully prepared to defend. Internet of Things (IoT) devices are the smart consumer and business systems powering…
Remote work and home offices were an afterthought until the COVID-19 pandemic. They were then vaulted to the forefront of security concerns so quickly that security and IT teams were caught off guard. Now, remote work is likely here to stay even after the pandemic is gone. That means that the temporary solutions put in…
The European Union is poised to place more demands on manufacturers to design greater security into their wireless and Internet of Things (IoT) devices. In an amendment to the EU’s 2014 Radio Equipment Directive (RED), the European Commission noted that as wireless devices, from mobile phones to fitness trackers to smart watches, become increasingly embedded…
This post has been updated for 2021. Passwords are the most common authentication tool used by enterprises, yet they are notoriously insecure and easily hackable. But even when passwords are secure, it’s not enough. Recently, hackers leaked 87,000 Fortinet VPN passwords, mostly from companies who hadn’t yet patched a two-year-old vulnerability. At this point, multi-factor…
5G is on the cusp of widespread adoption. Consumers and organizations are enthused about the operational benefits of more robust mobile connectivity, but the shift to 5G networks doesn’t come without risks. Service providers and 5G-enabled device manufacturers both have critical roles to play in the success and sustainability of this wireless network rollout. Beyond…
Reports that the NSO Group’s Pegasus spyware was used by governments to spy on Apple iPhones used by journalists, activists, government officials and business executives is becoming a global controversy for NSO, Apple and a number of governments at the center of the scandal. Amnesty International and Forbidden Stories – a Paris-based nonprofit media group that…