Attackers targeted a major US energy company with a phishing campaign that overall sent more than 1,000 emails armed with malicious QR codes aimed at stealing Microsoft credentials. The campaign, discovered by Cofense in May, used both PNG image attachments and redirect links associated with Microsoft Bing and well-known business applications — including Salesforce and…

As our lives have migrated almost entirely online due to the pandemic, the Dashlane list highlights the companies and organizations with the most significant password-related mishaps of 2020. Social networking may have kept us connected in the year of COVID-19-induced social distancing, but unfortunately Twitter and Zoom (which took the #1 and #2 spots on…

IT security practitioners are aware of good habits when it comes to strong authentication and password management, yet often fail to implement them due to poor usability or inconvenience, according to Yubico and Ponemon Institute. The conclusion is that IT security practitioners and individuals are both engaging in risky password and authentication practices, yet expectation…

ImageWare Launches Multi-modal Biometric Authentication for Enterprises

Today’s security consensus is that password-based authentication and access is insecure, and that some form of two- or multi-factor authentication is necessary. The simplest and easiest second factor is an SMS-based soft token, and that is the route already adopted by many organizations. However, NIST’s recently published concern over some implementations of SMS-based 2FA has…