Password-Free Logins Getting Closer to Becoming a Reality

WebAuthn, with the approval of the World Wide Web Consortium (W3C) and the FIDO Alliance, just became an official web standard for password-free logins. After W3C and the FIDO Alliance first introduced it in November 2015, WebAuthn gained the support of many W3C contributors including Airbnb, Alibaba, Apple, Google, IBM, Intel, Microsoft, Mozilla, PayPal, SoftBank, Tencent and Yubico. With WebAuthn, which is supported by Android and Windows 10, users can log-in via biometrics, mobile devices or FIDO security keys. Continue reading Password-Free Logins Getting Closer to Becoming a Reality

Google Adopts Open-Source, Secure Password-Less Logins

The FIDO Alliance, a consortium for open source authentication standards, is trying to make passwords obsolete, expanding its secure login protocols. Its efforts were boosted by Google’s announcement that it added certified support for the FIDO2 standard, impacting the vast majority of devices running Android 7 or later. That means owners of these Android 7-based devices should be able to log in seamlessly without passwords on mobile browsers such as Chrome. Websites can now be designed to interact with FIDO2 management. Continue reading Google Adopts Open-Source, Secure Password-Less Logins

Trump Pushes for Speedy Adoption of 6G Networks in U.S.

President Trump tweeted his desire to see 6G in the U.S. “as soon as possible,” even as the advent of 5G has yet to make much of a dent. Although what motivated these tweets is unclear, some believe it is related to Trump’s concerns that Huawei and other Chinese companies will surpass the U.S. with 5G-network penetration. Last year, some sources reported that the U.S. government considered building a national 5G service to head off Chinese competition, although if this plan did exist, it was quickly abandoned. Continue reading Trump Pushes for Speedy Adoption of 6G Networks in U.S.

Google Chrome Extension Alerts Users to Password Issues

To combat data breaches, Google has created a Chrome extension to provide a “password checkup” that compares users’ passwords with a database of four billion unique usernames and passwords that have been compromised. The extension works in the background, only showing a warning if it finds a match. That’s all it does: it is not a password manager that determines how weak or strong passwords are. Google accounts, often the key to a user’s email address, are breached mainly because people reuse passwords on multiple sites. Continue reading Google Chrome Extension Alerts Users to Password Issues

Have You Been Hacked? Very Likely In Light of Mega-Breach

Security researcher Troy Hunt, who offers a way to search if your email addresses or passwords have been breached, maintains Collection #1, the largest breach ever, which holds 772,904,991 unique emails and 21 million unique passwords, all of which have been recently posted to a hacking forum. Those numbers represent a “cleaned-up” version of the raw data, which comprise 2.7 billion rows of email addresses and passwords, including over one billion unique combinations of hacked emails and passwords. Continue reading Have You Been Hacked? Very Likely In Light of Mega-Breach

CES 2019: Synamedia Offers AI Solution to Password Sharing

At CES 2019 this week, Synamedia will debut Credentials Sharing Insight, a service enabled by artificial intelligence to discover and halt password sharing, from the casual to the criminal. It’s part of a growing trend among pay TV and streaming video services to curtail the use of shared passwords, especially among friends and family. Synamedia chief product officer Jean-Marc Racine noted that, “the way you secure OTT is evolving.” Parks Associates estimates a loss of as much as $9.9 billion due to password sharing by 2021. Continue reading CES 2019: Synamedia Offers AI Solution to Password Sharing

Google, Yubico Security Keys May Lead to End of Passwords

Swedish-based Yubico, in business for 10 years, debuted its latest online security product, YubiKey 5, a device that plugs into a computer to authenticate the user with a “handshake” that is more secure than a password or authentication code. Google has come out with a similar device, the Titan Key. Both devices can also be used with some smartphones, by plugging into a port or via a wireless communication. These keys are the first arrivals in an Internet security strategy that might displace the password. Continue reading Google, Yubico Security Keys May Lead to End of Passwords

U.S. Consumers Admit to Sharing Amazon, Netflix Accounts

According to a new study from Country Financial, a majority of U.S. consumers are sharing their login info for mobile, shopping and streaming accounts, but are not necessarily sharing the tab. The study found that overall, 74 percent of consumers say they share accounts for Airbnb, Amazon Prime, Hulu, Netflix, Spotify and Uber with their family members and friends (and, in some cases, even their exes). However, more than 36 percent of those who freely share their accounts also indicate that they do not share the monthly costs of those accounts with others. Continue reading U.S. Consumers Admit to Sharing Amazon, Netflix Accounts

California Passes Security Bill to Regulate Connected Devices

The California State Legislature recently passed a bill called “Information Privacy: Connected Devices” that creates regulations for IoT devices sold in the United States. SB-327, which applies to all devices that connect to the Internet and include an Internet Protocol or Bluetooth address, would require that security audits be conducted on components purchased overseas. The bill is the first of its kind in the U.S. and has been forwarded to Governor Jerry Brown for his signature. While some have criticized the bill for not being specific or thorough enough, it could place pressure on manufacturers to offer better device-level protection against cyberattacks. Continue reading California Passes Security Bill to Regulate Connected Devices

Samsung Tackles Home Networking With SmartThings Router

Samsung has launched its SmartThings Wifi router to provide consumers with fast, secure home networking and a reliable smart home hub. Currently available in the U.S. for $120 per single unit or $280 for a 3-pack, the new router leverages artificial intelligence for Wi-Fi management and faster speeds — in addition to mesh networking for optimized Wi-Fi coverage. According to Samsung, a single unit covers up to 1,500 square feet; deploying multiple units helps ensure strong signals throughout the home while minimizing dead zones. Continue reading Samsung Tackles Home Networking With SmartThings Router

Wi-Fi Alliance Finalizes the WPA3 Wireless Security Protocol

The Wi-Fi Alliance just unveiled WPA3, five months after it was first announced. The nonprofit organization that certifies Wi-Fi networking standards introduced a certification for two versions of WPA3, the successor standard to WPA2: WPA3-Personal and WPA3-Enterprise as well as Wi-Fi Easy Connect, a program that makes it easier to pair Wi-Fi devices without displays. Wi-Fi Alliance vice president of marketing Kevin Robinson dubs WPA3 as “the next generation of security for personal and enterprise networks.” Continue reading Wi-Fi Alliance Finalizes the WPA3 Wireless Security Protocol

FBI Requests That We Reboot All Routers to Disrupt Malware

According to Cisco’s threat intelligence division Talos, an estimated 500,000 routers in 54 countries have been infected by malware that the FBI and cybersecurity experts refer to as VPNFilter. The Justice Department has warned that routers are already under control of the Sofacy Group, which is reportedly directed by Russia’s military intelligence agency. Devices from Linksys, MikroTik, Netgear, QNAP and TP-Link are believed to be among the affected equipment. The FBI has requested that owners of home and office routers turn them off and turn them back on. Rebooting the routers will disrupt the malware if present. Users are also encouraged to upgrade firmware, disable remote-management settings, and select a new password. Continue reading FBI Requests That We Reboot All Routers to Disrupt Malware

Cisco Warns of Huge Hacked Network Primed for Cyberattacks

Cisco Systems and U.S. and Ukrainian authorities have warned that a network of half a million routers and storage devices has been hacked and is capable of a massive cyberattack. Security researchers said that the attack could take place during soccer’s UEFA Champions League’s final match on Saturday in Kiev. The devices, in 54 countries, are infected with VPNFilter malware that can shut them down, said Cisco security researcher Craig Williams. The U.S. government is working to reclaim control of the infected servers. Continue reading Cisco Warns of Huge Hacked Network Primed for Cyberattacks

Symantec Publishes Global Security Findings in Latest Report

Today’s consumers are “overconfident in their security prowess,” which has resulted in a record year for cyberattacks, according to the “2017 Norton Cyber Security Insights Report.” The Symantec report found that 978 million people across 20 countries were impacted last year by cybercrime, and 44 percent of consumers were affected in the last 12 months. “As a result,” notes the report, “consumers who were victims of cybercrime globally lost $172 billion — an average of $142 per victim — and nearly 24 hours globally (or almost three full work days) dealing with the aftermath.” Continue reading Symantec Publishes Global Security Findings in Latest Report

WPA2 Wi-Fi Flaw Revealed, Android & Linux Most Vulnerable

According to researchers, the WPA2 protocol for Wi-Fi connectivity contains a significant weakness that makes it vulnerable to attackers. A hacker within range of connected devices would reportedly be able to exploit this weakness to hijack passwords, emails and other “encrypted” data, or even place ransomware into a website the user is visiting. The research, which has been ongoing for weeks, reveals that the WPA2 core vulnerability could affect operating systems and devices including Android, Linux, OpenBSD, MediaTek, Linksys, macOS and Windows. Continue reading WPA2 Wi-Fi Flaw Revealed, Android & Linux Most Vulnerable