Apache StreamPipes Flaw Lets Anyone Become Admin

Sometimes a breach doesn’t kick down the front door. It just changes the name on the badge.
Biometric Update

NIST warns token security remains a critical weakness in cloud, federal systems

The report focuses on the cryptographic objects that modern systems use to authenticate users, devices, and software services ...
Security Boulevard

API Authentication Methods Explained: API Keys, OAuth, JWT & HMAC Compared

A deep dive comparing API Keys, OAuth 2.0, JWT, and HMAC for CTOs. Learn which api authentication method fits your enterprise SSO and IAM strategy.
Statetechmagazine

Security Authentication Tokens Can Help Counter Government Cyberthreats

With no shortage of cybersecurity risks in state and local government, state CIOs expect enterprise identity and access management solution adoption or expansion to be the cybersecurity initiative ...
The Silicon Review

NIST, CISA Release Draft Report on Token Security

NIST and CISA release a draft interagency report for public comment on protecting authentication tokens from tampering, theft, and misuse.
AFCEA

Army Authentication Tokens Not Just for Tactical Use

The U.S. Army’s wearable authentication tokens intended for the tactical environment could be used for nontactical purposes, such as accessing strategic-level systems, enterprise networks and medical ...
Bleeping Computer

Latest Authentication Tokens news

Device code phishing abuses the OAuth device flow, and Google and Azure produce strikingly different attack surfaces. Register for Huntress Labs' Live Hack to learn about attack techniques, defensive ...
ZDNet

IETF approves new internet standards to secure authentication tokens

The Internet Engineering Task Force (IETF) --the organization that develops and promotes Internet standards-- has approved three new standards this week designed to improve the security of ...