The phishing-as-a-service toolkit leverages legitimate authentication to capture tokens and access Microsoft 365 services.

VeriSign has released VIP (VeriSign Identity Protection) Access for Mobile (iTunes Link), a free app that lets you supplement typical user Web site log-ins with an extra, cryptographically strong ID ...

Diversinet's MobiSecure suite of mobile tokens and mobile authentication services are an OATH-compliant solution, which allows customers to have the flexibility to incorporate One Time Password (OTP) ...

Enterprises are adopting biometric authentication for identity and access management to strengthen security, streamline ...

Microsoft Teams stores authentication tokens in unencrypted plaintext mode, allowing attackers to potentially control communications within an organization, according to the security firm Vectra. The ...

New $15 Price And Lifetime Replacement Option For ActivCard Dynamic Password RSA Conference, SAN FRANCISCO, CA – February 23, 2004 – ActivCard Corp. (NASDAQ: ACTI), a global provider of strong ...

RSA Security's proposed acquisition of privately held Cyota will allow the company to offer a relatively cheap two factor, non token-based authentication system for its banking customers. RSA is ...

Passing MFA doesn't mean a session is safe, attackers can hijack tokens and bypass identity checks. Specops Software explains ...

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

Application providers charge fees to implement single sign-on but don't deliver a full SSO experience. Threat actors are taking advantage of the situation. We hate asking an organization we are ...