In This Section

PINDROP BLOG

Category: Identity

July 13, 2017
Verizon Says Data Breach Exposure Limited
Verizon has acknowledged that millions of customer records, including phone numbers and account PINs, were exposed in a misconfigured cloud database, but says no one aside from a security researcher accessed the data. The data was in an Amazon cloud bucket administered by a third-party vendor used by Verizon in Israel. Chris Vickery, a researcher…
Read More →
June 26, 2017
Anthem Settles Data Breach Suit for $115 Million
Anthem Inc., the victim of one of the more extensive data breaches in U.S. history, has agreed to pay a settlement of $115 million to consumers affected by the incident. The settlement is believed to be the largest ever to result from a data breach in the U.S. and would end a class-action lawsuit that followed…
Read More →
June 23, 2017
Tech Support, Email Fraud Schemes Top FBI Internet Crime List
Fraudsters are continuing to have quite a bit of success with business email compromise scams. Last year, companies in the United States lost more than $360 million to these schemes, an increase of nearly 50 percent from 2015. The FBI’s 2016 Internet Crime Report, which the bureau’s Internet Crime Complaint Center (IC3) released Thursday, includes…
Read More →
June 1, 2017
OneLogin Warns of Breach at U.S. Data Center
Security firm OneLogin, which provides single sign-on and other identity and authentication products, has suffered a data breach that it says likely affects all of its customers served by its data center in the United States. In an email sent to customers, the company said that customer data was possibly compromised, but it didn’t specify…
Read More →
May 31, 2017
Preventing Forgery With Paper Fingerprinting
In a new study out from a UK based research team, scientists have discovered an inexpensive and easy-to-use way to validate the authenticity of any paper document solely by taking a picture of it with a camera. Capturing the random interweaving of the wooden particles that are used to make up paper, the research team…
Read More →
March 28, 2017
Congress Asks FCC for Urgent Action on Mobile Security
Congressional leaders are continuing to pressure federal agencies to address shortcomings in the security of the telecommunications infrastructure, specifically to warn consumers about weaknesses that can open them up to remote surveillance. In a letter sent Tuesday, Rep. Ted Lieu and Sen. Ron Wyden asked FCC Chairman Ajit Pai to take “swift action” to resolve…
Read More →
March 27, 2017
Another Critical Bug Hits LastPass
A few days after LastPass released a fix for some critical security flaws in its extensions for Chrome and Firefox, a researcher has identified a new vulnerability in the browser extension that allows an attacker to get full code execution on a target machine. The details of the new bug are not public yet, but…
Read More →
March 7, 2017
Nest Adds Two-Step Verification for Users
Nest, maker of smart home thermostats and other devices, is adding two-step verification to its authentication process, making it more difficult for attackers to take over users’ devices. The company said on Tuesday that it is implementing the ability for users to require a short code sent by SMS as part of the sign-in process…
Read More →
February 13, 2017
The Joy and Pain of RSA Week
It’s that time of year again, when the security industry looks westward with a mixture of anxiety, dread, and expense-account induced giddiness: RSA week. When people who have never been to the RSA Conference before ask me what to expect, I never have a good answer. A lot of it depends on what your job…
Read More →
January 24, 2017
Lavabit Launches New Encrypted Email System
Lavabit, the secure email service that shut down in 2013 rather than turn over the encryption key for a user account to the federal government, has reemerged with a new encrypted mail offering based on a standard developed by the company. It’s been more than three years since Lavabit founder Ladar Levison decided to end the…
Read More →
Introducing Pindrop® Express – Authenticate without compromise.