Facebook breach of 90 million users’ ID tokens: Not surprising

By Richi Jennings | October 2, 2018
Analysis: It was only a matter of time Last week, Facebook revealed it had suffered a breach of 50 million users’ data. And now we hear 40 million more people needed their ID tokens resetting—because the vulnerability existed for more than a year. But because people often use Facebook as an identity provider, the problem […]
Read More

Uber Settles Data Breach Investigation

By Sarah Landes | September 28, 2018
The Weekly Cypher is specially curated to keep you up-to-date on the latest in cybersecurity, biometrics, and related news and innovations. Here are a few of the headlines you might have missed this week. Uber Settles Data Breach Investigation for $148 Million | NYTimes Uber will pay $148 million to settle a nationwide investigation into […]
Read More

Buyer Beware: All 2FA Solutions are not Created Equal

By Lori Cohen | September 27, 2018
Most 2FA solutions on the market today aren’t even ‘two-factor’ solutions according to Ant Allan, a Gartner Research vice president, who recently tweeted: “Most mainstream #2fa or #mfa solutions are really ”second-factor“ solutions – they add to an existing password. (Even when they have their own PIN.) Few vendors offer both factors in a well-integrated […]
Read More

Credential-stuffing explodes as password-reuse continues unchecked

By Richi Jennings | September 26, 2018
The problem isn’t the reuse—it’s the passwords! New research shows that hackers have been turning their malicious attention to cracking accounts with reused passwords. In other words, credential stuffing. That’s where hackers try to break into accounts that share the same username and password as other, previously-leaked accounts—is becoming a huge problem. And for a hacker […]
Read More

State Department Suffers Data Breach

By Sarah Landes | September 21, 2018
The Weekly Cypher is specially curated to keep you up-to-date on the latest in cybersecurity, biometrics, and related news and innovations. Here are a few of the headlines you might have missed this week. Call for smart home devices to bake in privacy safeguards for kids | TechCrunch A new research report has raised concerns […]
Read More

U.S. Customs Agency Sees Growing Role for Facial Recognition

By Justine Brown | September 19, 2018
Anyone who has traveled abroad recently and returned to the U.S. via a major airport has probably witnessed the new kiosks in use by U.S. Customs and Border Protection (CBP). CBP began testing the systems in 2015 as part of its biometric entry and exit programs to screen out people arriving in the U.S. with […]
Read More

Lawmakers Slam State Department for Failing on Cybersecurity

By Sarah Landes | September 14, 2018
The Weekly Cypher is specially curated to keep you up-to-date on the latest in cybersecurity, biometrics, and related news and innovations. Here are a few of the headlines you might have missed this week. Hackers Manage to Compromise Aadhaar’s Biometric Security System | TechNadu In a highly alarming development, hackers have found a way to […]
Read More

12 months on from Equifax breach: No change?

By Richi Jennings | September 12, 2018
Why are people still using SSNs as identifiers? It’s been a year since we discovered the biggest consumer data-breach ever. 150 million people had their personal identifying information leak out of Equifax’s servers. Identity information including social security numbers—which were of course never intended to be used as an identifier. Soon after the breach went public, there […]
Read More

US and intelligence allies take aim at tech companies over encryption

By Constantine von Hoffman | September 7, 2018
The Weekly Cypher is specially curated to keep you up-to-date on the latest in cybersecurity, biometrics, and related news and innovations. Here are a few of the headlines you might have missed this week. US and intelligence allies take aim at tech companies over encryption | NextGov The U.S. and its four closest allies have […]
Read More

How A Toaster Could Steal Your Identity

By Constantine von Hoffman | September 5, 2018
There is so much about the Internet of Things (IoT) that is funny — as long as you don’t consider the security implications. Consider: For a mere $100 you can own a toaster that will notify you when your toast is ready. “A companion app that has different types of bread and a slider to […]
Read More