In This Section


Category: Authentication

September 8, 2017
How 3 Premier Call Centers Are Reducing Fraud With Pindrop
With $14 billion lost annually to phone fraud, the call center remains a common target to fraudsters. Legacy authentication methods including caller identification, knowledge based authentication questions (KBAs), and ANI verifications no longer stand up to sophisticated attacks. Using these outdated solutions costs call centers $0.33 per call, adding up to $8 billion each year.…
Read More →
August 8, 2017 | Dennis Fisher
Microsoft Will Drop Trust For WoSign Certificates
Microsoft is following the lead of Google, albeit quite slowly, and removing trust for certificates issued by Chinese CAs WoSign and StartCom in its products. The decision is a result of the companies issuing some certificates in 2015 and 2016 that violated rules established by the CA/Browser forum. Specifically, researchers discovered that the CAs had…
Read More →
August 7, 2017 | Dennis Fisher
Siemens Medical Scanners Open to Simple Remote Exploitation
Siemens is warning customers that some of its CT and PET scanning machines have a pair of remotely exploitable vulnerabilities that attackers can use to execute arbitrary code. The flaws actually lie in Windows XP, the operating system on which the imaging equipment runs. One of the vulnerabilities was disclosed earlier this summer, while the…
Read More →
August 4, 2017 | Dennis Fisher
FBI Biometric Database Will Be Exempt From Some Privacy Act Protections
The FBI’s latest biometric database, which contains a host of identifying information from a wide range of sources, will be exempt from many of the restrictions of the Privacy Act. In a final rule published this week by the Department of Justice, the FBI announced that the Next Generation Identification system would not be subject to the Privacy Act.…
Read More →
August 1, 2017 | Dennis Fisher
IoT Security Bill Would Protect Research, Require Patches
Congress may be about to apply some real pressure to hardware manufacturers and software makers whose IoT devices are forming the spine of a new, wildly insecure global network. A bill introduced Tuesday in the Senate would require IoT makers to guarantee that any devices sold to federal agencies are patchable and don’t contain any known security…
Read More →
July 7, 2017
Google Adds New Anti-Phishing Feature to G Suite
Google is rolling out a new security feature for enterprises customers of its G Suite hosted apps that allows administrators to choose exactly which apps have access to user data. The feature is designed as a barrier against phishing attacks, many of which try to fool or confuse users into giving attackers access to sensitive…
Read More →
July 6, 2017
Free Wildcard Certificates Coming From Let’s Encrypt
Let’s Encrypt, the certificate authority that provides free digital certificates for site owners, plans to expand its service soon by offering wildcard certificates, as well, beginning in January. The move is designed to enable site owners to secure their main domain, along with as many subdomains as they own, with just one certificate. Normal certificates are tied to…
Read More →
June 23, 2017
Tech Support, Email Fraud Schemes Top FBI Internet Crime List
Fraudsters are continuing to have quite a bit of success with business email compromise scams. Last year, companies in the United States lost more than $360 million to these schemes, an increase of nearly 50 percent from 2015. The FBI’s 2016 Internet Crime Report, which the bureau’s Internet Crime Complaint Center (IC3) released Thursday, includes…
Read More →
June 13, 2017
Europol Dismantles International Fraud Ring
Police have dismantled a payment-card fraud network that stretched across Europe and had the capability to clone payment cards, install skimmers on ATMs, and is responsible for hundreds of thousands of dollars in losses. The fraud ring was operating not just in Europe, but also in the United States, the Dominican Republic, Peru, Malaysia, Costa Rica,…
Read More →
June 9, 2017
Phishing Attacks Using SSL Spike
Phishing crews increasingly are using sites with valid SSL certificates in order to make their attacks appear more legitimate, a new report shows. In the last couple of years it has become much easier and faster for site owners to obtain SSL certificates for their sites, thanks to the emergence of free CAs such as…
Read More →
Introducing Pindrop® Express – Authenticate without compromise.