Research, news and updates on threats and cybersecurity
Higher education institutions in the US and abroad are increasingly becoming the target of cyberattacks. As high-profile attacks continue to make headlines, higher education IT departments must prioritize their budgets and personnel deployment to maintain effective security measures and heighten incident response. Understanding the special risks that face higher education is critical and the first defense, is protecting student and faculty accounts from nefarious logins.
PasswordPing an innovative credential screening and cybersecurity company, formally announced today that it has changed it name to Enzoic.
Balancing Made Easier All enterprises balance their need for strong authentication security against a frictionless user login process. Most fraud and account takeover security products focus on system integrity without much regard for user experience. Companies that position their security measures solely as enterprise protection can foster frustrating user experiences. And some strong authentication methods that can dissuade users: 2Factor …
Facebook is facing scrutiny once again today by disclosing that it accidentally stores “hundreds of millions” user passwords in plaintext. To make matters worse, 20,000 Facebook employees had access to view these passwords. Instagram users are also impacted by this massive oversight. There are so many things wrong here. In the day and age, obviously no company or organization should …
The FTC is sending a strong message that businesses will no longer be able to play the victim-card. Instead, they are responsible for protecting their customers from credential stuffing and account takeover. Learn how this will change security protocols for companies throughout the US.
Requirement 8.3 of the PCI DSS 3.2 goes into effect today (Feb 1, 2018), making MFA (multi-factor authentication) a requirement for every organization involved in payment card processing. Many have implemented MFA ahead of the requirement, however a look at the PCI’s multi-factor implementation guidance highlights some considerations, particularly around passwords that may otherwise be overlooked. 1. Multi-factor means multiple …
Most attention is given to data breaches counted in the tens or hundreds of millions, but there is also a continuous stream of small data breaches that make no headlines but present outsized risks to individuals and organizations. In a recent analysis by Enzoic of breach data collected from the Internet and Dark Web, a full 90% of credential exposures …
Yesterday I received an email in my inbox from a prominent gaming website, indicating that my account had been disabled due to “suspicious activity” and that I would need to reset my password. They then carefully explained that this was not due to a breach of their site, but instead likely due to my account credentials having been exposed either …
With rapid rate of evolution within technology, why are we still using passwords? The answer lies in the simple, positive attributes of passwords that are not found in other authentication methods: affordable, easy to replace, universally compatibility, privacy safe and no false positive. This closer look highlights the gaps in other methods that will make it hard to get past the password.
With rapid rate of evolution within technology, why are we still using passwords? The answer lies in the simple, positive attributes of passwords that are not found in other authentication methods: affordable, easy to replace, universally compatibility, privacy safe and no false positive. This closer look highlights the gaps in other methods that will make it hard to get past the password.
