Security news aggregator

Latest coverage for Authentication

Stay secure online with the latest on authentication techniques, best practices, and industry updates at the forefront of information security.

2 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Authentication confirms the identity of users or systems before granting access to resources, typically using factors like passwords (knowledge), hardware tokens (possession), or biometrics (inherence). It establishes trust boundaries that prevent unauthorized entities from impersonating legitimate users or devices within networks and applications.

Weak authentication enables attackers to perform account takeover, privilege escalation, or lateral movement by exploiting stolen credentials, phishing, or replay attacks. Deploying multi-factor authentication (MFA) with independent factors significantly reduces these risks. Secure credential storage, regular rotation, and monitoring authentication logs for anomalies are critical defenses to detect and block unauthorized access attempts early in the attack chain.

Showing 2 most recent headlines Filtered view
Bank Info Security 2 years, 2 months ago

AI Voice Cloning Pushes 91% of Banks to Rethink Verification

BioCatch Survey Report Focuses on New AI-Based Risks and Fraud-Fighting SolutionsBanks are concerned about advancements in voice-cloning technology and the threat it poses to authentication. The failure of identity-centric solutions to combat synthetic identity fraud has convinced 91% of U.S. banks to reconsider their use of voice verification for major customers.

Bank Info Security 2 years, 2 months ago

Multifactor Authentication Bypass Attacks: Top Defenses

Joe Toomey of Cyber Insurer Coalition Details Rise in Attacks Targeting Weak MFAAdversaries seeking easy access to enterprise networks continue to probe for weak multifactor authentication deployments, oftentimes via nontargeted attacks that lead to phishing pages designed to steal one-time codes, said Joe Toomey, head of security engineering at cyber insurer Coalition.