Security news aggregator

Latest coverage for Authentication

Stay secure online with the latest on authentication techniques, best practices, and industry updates at the forefront of information security.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Authentication confirms the identity of users or systems before granting access to resources, typically using factors like passwords (knowledge), hardware tokens (possession), or biometrics (inherence). It establishes trust boundaries that prevent unauthorized entities from impersonating legitimate users or devices within networks and applications.

Weak authentication enables attackers to perform account takeover, privilege escalation, or lateral movement by exploiting stolen credentials, phishing, or replay attacks. Deploying multi-factor authentication (MFA) with independent factors significantly reduces these risks. Secure credential storage, regular rotation, and monitoring authentication logs for anomalies are critical defenses to detect and block unauthorized access attempts early in the attack chain.

Showing 11 most recent headlines Filtered view
Bank Info Security 2 years, 4 months ago

TA577 Now Focusing on NT LAN Manager Authentication Theft

Proofpoint Spots Recent Changes in Cyber Tactics for Black Basta-Affiliated GroupA cyber threat actor is shifting tactics from conventional malware delivery to a targeted focus on acquiring NT LAN Manager authentication information to potentially collect sensitive data and perform other malicious actions. The campaigns have targeted hundreds of organizations globally.

Bank Info Security 2 years, 4 months ago

JetBrains' TeamCity Bugs Could Lead to Server Takeover

Users Advised to Prioritize Patching for Publicly Known Flaws, ExploitTwo critical vulnerabilities affecting all on-premises versions of TeamCity servers can result in authentication bypass and path traversal, enabling an attacker to gain administrative privileges for a server and take it over. Users should prioritize patching now that the exploit is public.