AFCEA

Army Authentication Tokens Not Just for Tactical Use

The U.S. Army’s wearable authentication tokens intended for the tactical environment could be used for nontactical purposes, such as accessing strategic-level systems, enterprise networks and medical ...
CSO Online

Stopping AiTM attacks: The defenses that actually work after authentication succeeds

AiTM attacks don't steal passwords; they copy the result of a real login. You need to watch what happens after the user logs ...

Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
ZDNet

Cyota gives RSA token-less authentication

RSA Security's proposed acquisition of privately held Cyota will allow the company to offer a relatively cheap two factor, non token-based authentication system for its banking customers. RSA is ...
Bleeping Computer

Latest Authentication Tokens news

Over a dozen companies have suffered data theft attacks after a SaaS integration provider was breached and authentication tokens stolen. The TeamPCP hacking group continues its supply-chain rampage, ...
Engadget

Microsoft Teams has been storing authentication tokens in plaintext

Microsoft Teams stores authentication tokens in unencrypted plaintext mode, allowing attackers to potentially control communications within an organization, according to the security firm Vectra. The ...
Infosecurity-magazine.com

The Growing Threat of Broken Authentication Attacks on APIs

Application programming interfaces (APIs) are integral to the functionality of the internet today. By enabling communications between programs, they make many processes more efficient and convenient, ...