In This Section

PINDROP BLOG

Category: Authentication

May 31, 2017
Preventing Forgery With Paper Fingerprinting
In a new study out from a UK based research team, scientists have discovered an inexpensive and easy-to-use way to validate the authenticity of any paper document solely by taking a picture of it with a camera. Capturing the random interweaving of the wooden particles that are used to make up paper, the research team…
Read More →
May 26, 2017
RoughTed Malvertising Campaign Bypasses Ad Blockers
A long-running, multi-faceted, malvertising campaign has been found using a technique that enables the sites involved to bypass the protections of ad blockers. Malvertising campaigns can take a lot of different forms and they often involve multiple layers of compromised or malicious sites and lots of redirections. Some campaigns are connected to malware operations and…
Read More →
May 23, 2017
On the Wire Podcast: Yanick Fratantonio and Simon Chung
A team of researchers from the University of California at Santa Barbara and Georgia Tech this week published detailed research on a set of weaknesses and vulnerabilities in Android that can allow an attacker to use a malicious app to completely control the UI of a device. The Cloak & Dagger attacks, as they’re called,…
Read More →
May 16, 2017
DocuSign Says Breach Led to Phishing Campaign
A recent compromise of a system at DocuSign, the electronic document signing vendor, led to a phishing campaign that’s hitting some of the company’s customers right now. Officials at DocuSign said they had noticed an increase in phishing emails to some customers and users in recent days and began investigating whether the company’s eSignature service…
Read More →
May 15, 2017
Google to Streamline Android Update Process
For a decade, Android users have had to rely on a byzantine update process involving Google, device manufacturers, and carriers in order to get security patches and new versions of the operating system. Google is now trying to streamline this process and get updates into users’ hands more quickly through a plan called Project Treble.…
Read More →
April 24, 2017
Google Patches Unicode Domain Phishing Bug in Chrome
Google has patched a dangerous issue in Chrome that enabled attackers to spoof legitimate domains in the browser by using unicode characters rather than normal ones. That vulnerability is the result of the way that Chrome handles some unicode characters and it’s not necessarily a new issue. Security experts have known about the underlying problem…
Read More →
April 20, 2017
Mastercard Replaces PINs With Fingerprint Sensor on New Cards
Mastercard is rolling out a new payment card that includes a fingerprint sensor built right onto the card, a feature that is meant to eliminate the need for a PIN during in-person transactions. The new card also has a chip embedded in it and it can be used at all of the existing chip-and-PIN terminals.…
Read More →
April 18, 2017
Facebook Launches Beta of New Account Recovery System
Facebook has opened a beta program for its new Delegated Account Recovery system, which is designed to replace traditional email or SMS-based recovery processes. The Facebook system allows users to connect their Facebook accounts with other services and use that trusted link to recover access to one of the accounts. The company has published an SDK and…
Read More →
April 12, 2017
FTC Halts Tech-Support Scam That Pretended to Represent the FTC
The FTC has shut down a phone and email scam that involved scammers contacting consumers, falsely claiming to be working on behalf of the FTC and offering fake tech support services. The scheme is a twist on the old Windows tech support scam in which fraudsters call consumers and try to sell remote tech support…
Read More →
April 4, 2017
Inside the Total Compromise of a $25 Billion Bank
ST. MAARTEN–On a quiet Saturday afternoon in October 2016, security researchers in Latin America began noticing some odd behavior in the Brazilian banking system. Customers visiting the  website of one of the country’s larger banks were being hit with automatic malware downloads, but as the researchers began investigating the incident, it quickly became clear that…
Read More →
Pindrop® Panorama: Beating the Balancing Act of Security and Customer Service