Software company Kaseya was targeted by a cyberattack starting Friday that has since spread to hundreds of mainly small and medium-size businesses. On Monday, Kaseya chief executive Fred Voccola reported to Anne Neuberger, the deputy national security advisor for cyber and emerging technology, that the attackers demanded a $70 million ransomware payment and that his company wasn’t aware of any breach of critical infrastructure impacting national security. According to experts, the attackers may be members of REvil, a Russian cybercriminal group. Continue reading Massive Ransomware Attack Affects Hundreds of Businesses

During its Cloud Next 2019 developer conference, Google revealed its Advanced Protection Program would be widely released and Titan Security Keys will be more readily available in retail. The former, which is intended to prevent cyberattacks against high profile targets such as politicians and business leaders, will debut in beta for G Suite, Google Cloud Platform (GCP), and Cloud Identity customers. The Advanced Protection Program “enforces the use” of the Titan Security Key or compatible third-party hardware, blocking access to third-party accounts not approved by admin. Continue reading Google’s Cloud Platform Updates Focus on Security Issues

WebAuthn, with the approval of the World Wide Web Consortium (W3C) and the FIDO Alliance, just became an official web standard for password-free logins. After W3C and the FIDO Alliance first introduced it in November 2015, WebAuthn gained the support of many W3C contributors including Airbnb, Alibaba, Apple, Google, IBM, Intel, Microsoft, Mozilla, PayPal, SoftBank, Tencent and Yubico. With WebAuthn, which is supported by Android and Windows 10, users can log-in via biometrics, mobile devices or FIDO security keys. Continue reading Password-Free Logins Getting Closer to Becoming a Reality

Last Gadget Standing, presented by Living in Digital Times — a raucous event at the tail end of CES — has been a tradition for 19 years, when journalist/editor/author Robin Raskin founded it. The event features a showgirl in skimpy red spangles and feathered headdress, loads of swag thrown out to the audience, and music with a powerful beat. Having featured New York Times writer David Pogue for several years, this year’s event was hosted by the first woman ever, consumer electronics journalist Jennifer Jolly, who wore a top hat with a video screen embedded in the front. Continue reading Celebrating CES 2019 Once Again with Last Gadget Standing

Swedish-based Yubico, in business for 10 years, debuted its latest online security product, YubiKey 5, a device that plugs into a computer to authenticate the user with a “handshake” that is more secure than a password or authentication code. Google has come out with a similar device, the Titan Key. Both devices can also be used with some smartphones, by plugging into a port or via a wireless communication. These keys are the first arrivals in an Internet security strategy that might displace the password. Continue reading Google, Yubico Security Keys May Lead to End of Passwords

At a CES CyberSecurity Forum, journalist/author Wayne Rash led a discussion on the various ways that companies are failing to protect their intellectual property and remain vulnerable to malicious code and ransomware. According to Yubico chief executive Stina Ehrensvard, 70 percent of hacks are related to passwords. “The password is the weak link,” agrees Authentic8 chief executive Scott Petry. “Reusing passwords is a problem. If you use your Yahoo password for other sites, you’re in trouble.” Continue reading Cybersecurity and How to Build Speed Bumps Against Hackers

Official FIDO certification for 31 products — from physical devices to login services — has been issued to 18 companies, marking the first certification under the new spec that aims to foster alternatives to password authentication and provide new opportunities for interoperating services. Systems compatible with FIDO can accept logins from any certified device, such as a fingerprint reader or voiceprint detector. Google’s all-purpose login service was certified as a universal two-factor server, and Yubico received certification for two USB security keys. Continue reading FIDO Certification is First Step for a World Without Passwords

Technology companies have realized that passwords are not always the most convenient form of security and are seeking alternatives. The new iPhone, for example, features fingerprint scanning while Microsoft’s Windows 8.1 operating system is optimized for fingerprint-based biometrics. Passwords are often long and complicated and difficult to remember. However, new security innovations are emerging that could lead to people relying less on passwords. Continue reading Replacing Passwords: Innovative Forms of Security Emerging