The Hacker News

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.
CNBC

More companies are shifting workers to passwordless authentication

To join the CNBC Technology Executive Council, go to cnbccouncils.com/tec No one likes passwords, whether workers or cybersecurity leaders. Now, more companies are ...
BizTech

Unlocking Modern Security: A Journey Beyond Passwords in User Authentication

Matt is an associate editorial director and award-winning content creation leader. He is a regular contributor to the CDW Tech Magazines and frequently writes about data analytics, software, storage ...
Bleeping Computer

Google wants to enable multi-factor authentication by default

Google strives to push all its users to start using two-factor authentication (2FA), which can block attackers from taking control of their accounts using compromised credentials or guessing their ...
Computer Weekly

Rethink authentication to remove the burden on users

Attackers exploit human nature, making authentication a prime target. The Snowflake data breach is a clear example – hackers used stolen customer credentials, many which lacked multi-factor ...
Bleeping Computer

Hackers steal Windows NTLM authentication hashes in phishing attacks

The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager (NTLM) authentication hashes to perform account hijacks. TA577 is considered an initial ...
Computer Weekly

Biometric revolution in IAM: The future of authentication

The landscape of identity and access management (IAM) is undergoing a profound transformation, driven by the integration of biometric technologies. This evolution marks a significant shift from ...
Lifehacker

You Shouldn’t Use Your Phone Number for Two-Factor Authentication, Anyway

Jake Peterson is Lifehacker’s Tech Editor, and has been covering tech news and how-tos for nearly a decade. His team covers all things technology, including AI, smartphones, computers, game consoles, ...
TechSpot

Selfie-based authentication is on the rise, alarming security experts

The big picture: Selfies are increasingly taking on a surprising new role: verifying your identity online. Some banks and even governments have started mandating live selfie captures during video ...
Forbes

Gmail Security Alert: Google To Ditch SMS Codes For Billions Of Users

Update, Feb. 26, 2025: This story, originally published Feb. 23, now includes additional commentary regarding the potential security implications of the decision to deprecate SMS from the Gmail ...
CSOonline

MFA buyer’s guide: 8 top multifactor authentication products and how to choose an MFA solution

Today’s credential-based attacks are much more sophisticated. Whether it’s advanced phishing techniques, credential stuffing, or even credentials compromised through social engineering or breaches of ...