The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-sized device vulnerable to cloning when an attacker gains temporary physical access to it, researchers said Tuesday. The cryptographic flaw, known as a side channel, resides …
Read More »
The password killers known as “passkeys” are now available to users of Google's Advanced Protection Program, which works to add an additional layer of account protection for people who fear that they could face targeted digital attacks. The company is more than a year into supporting passkeys for all regular …
Read More »
The Biden administration is asking the world’s largest technology companies to publicly commit to tightening the digital security of their software and cloud services. The voluntary pledge, first reported by WIRED, represents the latest effort by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to build support …
Read More »
This week, the United States Securities and Exchange Commission (SEC) suffered an embarrassing—and market-moving—breach in which a hacker gained access to its X social media account and published fake information about a highly anticipated SEC announcement related to bitcoin. The agency regained control of its account and deleted the post …
Read More »
Meta changed how two-factor authentication works for Facebook and Instagram last year. You might have received notifications about this, but it was easy to miss in the platform’s sea of red alerts. OK, so what’s different? “Any devices you’ve frequently used Facebook on in the past two years will be …
Read More »