Authentication, Operating Systems, Software and Transportation

Passkeys: Using FIDO for Secure and Easy Authentication

Phil Windley

MARCH 27, 2023

Summary: Passkeys, the popular name for FIDO, are not only easy, they offer better protection against phishing than other forms of multi-factor authentication. She's a security expert and focused many of her remarks on the relative security of different multi-factor authentication (MFA) techniques, a topic I cover in my book as well.

Authentication

Authentication Security Transportation Web Services

10 essential tips for bolstering cloud security in your business

CIO Business Intelligence

NOVEMBER 6, 2023

Multi-Factor Authentication (MFA) : Use an additional layer of authentication, such as a fingerprint or one-time code, to verify user identities. To ensure the security of your cloud applications, infrastructure, and operating systems, it’s important to schedule regular vulnerability scans and penetration tests.

Security

Security Cloud Authentication Policies

DIDComm and the Self-Sovereign Internet

Phil Windley

NOVEMBER 11, 2020

The exchange of DIDs to form a connection with another party gives both parties a relationship that is self-certifying and mutually authenticated. DIDComm messages are exchanged between software agents that act on behalf of the people or organizations that control them. Transport-agnostic. DID Communications Protocol.

Internet

Internet Authentication Applications Security

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

North Korean Threat Actors Targeting Healthcare Sector with Maui Ransomware

SecureWorld News

JULY 7, 2022

This can show "good faith" from the ransomware group by allowing targeting and recovery of just sensitive files and not having to rebuild the entire server if the Operating System files are encrypted as well. Nobody wants to be part of the organization that got hacked because they simply forgot to update their software.

Healthcare

Healthcare Fractional CTO Backup Government

The Hacker Mind Podcast: Fuzzing Message Brokers

ForAllSecure

DECEMBER 17, 2021

Jonathan Knudsen from Synopsys joins The Hacker Mind to discuss his presentation at SecTor 2021 on fuzzing message brokers such as RabbitMQ and VerneMQ, both written in Erlang, demonstrating that any type of software in any environment can still be vulnerable. Let's give the software badly formed or invalid inputs. Knudsen: Absolutely.

Open Source

Open Source Software Software Applications

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

In 2013, researcher Nitesh Dhanjani found that a popular brand used simple MD5 hashes of the device's MAC addresses for authentication. Problem is, MAC addresses are not great for authentication. It seemed that once you authenticated through the local network, the app maintain that access, even if you are halfway across the world.

Internet

Internet Research Security Tools

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

In 2013, researcher Nitesh Dhanjani found that a popular brand used simple MD5 hashes of the device's MAC addresses for authentication. Problem is, MAC addresses are not great for authentication. It seemed that once you authenticated through the local network, the app maintain that access, even if you are halfway across the world.

Internet

Internet Research Security Tools

The Generative Self-Sovereign Internet

Phil Windley

DECEMBER 28, 2020

The strength of such an identity system based security overlay is derived from the security supporting these bindings. Figure 2: Binding of controller, authentication factors, and identifiers in identity systems. Substitutable —The DIDComm protocol defines how systems that use it must behave to achieve interoperability.

Internet

Internet Network Architecture Security

The Hacker Mind Podcast: Car Hacking 0x05

ForAllSecure

AUGUST 10, 2021

You know with modern vehicles, they're actually becoming like they're running on bluetooth, they're running the Android operating system. Vamosi: What unites these microcontrollers is not an operating system, rather it's a bus. A bus is a communication system that transfers data between components. What's that?

Automotive

Automotive Operating Systems System Tools

The Hacker Mind Podcast: Hacking High-Tech Cars

ForAllSecure

NOVEMBER 9, 2022

This streetwise criminal realized he could defeat the manufacturers' anti theft software with his own. He uses Internet provided software gangs often search for and steal a particular high end make and model of car. A proximity authenticate, and CC by forwarding the data from a baseband to the link layer. What's that?

System

System Wireless Security Authentication

The Hacker Mind: Follow The Rabbit

ForAllSecure

MARCH 30, 2022

Their Operating System type was set to windows. Extensions are software applications that Azure manages, either first-party software like Azure’s log analytics agent, or third-party software that Azure supports. The WA agent is an open source software hosted on GitHub. Vamosi: An ah-ha moment.

Firewall

Firewall Virtualization Authentication Linux

Information Technology Zone

Passkeys: Using FIDO for Secure and Easy Authentication

10 essential tips for bolstering cloud security in your business

Webinars

Trending Sources

DIDComm and the Self-Sovereign Internet

Webinars

North Korean Threat Actors Targeting Healthcare Sector with Maui Ransomware

The Hacker Mind Podcast: Fuzzing Message Brokers

The Hacker Mind: Hacking IoT

The Hacker Mind: Hacking IoT

The Generative Self-Sovereign Internet

The Hacker Mind Podcast: Car Hacking 0x05

The Hacker Mind Podcast: Hacking High-Tech Cars

The Hacker Mind: Follow The Rabbit

Stay Connected