Google Introduces Passwordless Secure Sign-In with Passkeys for Google Accounts

Google Introduces Passwordless Secure Sign-In with Passkeys for Google Accounts,

Almost five months after Google added support for passkeys to its Chrome browser, the tech giant has begun rolling out the passwordless solution across Google Accounts on all platforms.
Passkeys, backed by the FIDO Alliance, are a more secure way to sign in to apps and websites without having to use a traditional password. This, in turn, can be achieved by simply unlocking their computer or

,

Almost five months after Google added support for passkeys to its Chrome browser, the tech giant has begun rolling out the passwordless solution across Google Accounts on all platforms.
Passkeys, backed by the FIDO Alliance, are a more secure way to sign in to apps and websites without having to use a traditional password. This, in turn, can be achieved by simply unlocking their computer or

, ,
https://thehackernews.com/2023/05/google-introduces-passwordless-secure.html

Chinese Hacker Group Earth Longzhi Resurfaces with Advanced Malware Tactics

Chinese Hacker Group Earth Longzhi Resurfaces with Advanced Malware Tactics,

A Chinese state-sponsored hacking outfit has resurfaced with a new campaign targeting government, healthcare, technology, and manufacturing entities based in Taiwan, Thailand, the Philippines, and Fiji after more than six months of no activity.
Trend Micro attributed the intrusion set to a cyber espionage group it tracks under the name Earth Longzhi, which is a subgroup within APT41 (aka HOODOO

,

A Chinese state-sponsored hacking outfit has resurfaced with a new campaign targeting government, healthcare, technology, and manufacturing entities based in Taiwan, Thailand, the Philippines, and Fiji after more than six months of no activity.
Trend Micro attributed the intrusion set to a cyber espionage group it tracks under the name Earth Longzhi, which is a subgroup within APT41 (aka HOODOO

, ,
https://thehackernews.com/2023/05/chinese-hacker-group-earth-longzhi.html

Operation SpecTor: $53.4 Million Seized, 288 Vendors Arrested in Dark Web Drug Bust

Operation SpecTor: $53.4 Million Seized, 288 Vendors Arrested in Dark Web Drug Bust,

An international law enforcement operation has resulted in the arrest of 288 vendors who are believed to be involved in drug trafficking on the dark web, adding to a long list of criminal enterprises that have been shuttered in recent years.
The effort, codenamed Operation SpecTor, also saw the authorities confiscating more than $53.4 million in cash and virtual currencies, 850 kg of drugs, and

,

An international law enforcement operation has resulted in the arrest of 288 vendors who are believed to be involved in drug trafficking on the dark web, adding to a long list of criminal enterprises that have been shuttered in recent years.
The effort, codenamed Operation SpecTor, also saw the authorities confiscating more than $53.4 million in cash and virtual currencies, 850 kg of drugs, and

, ,
https://thehackernews.com/2023/05/operation-spector-534-million-seized.html

Download the eBook: What Does it Take to be a Full-Fledged Virtual CISO?

Download the eBook: What Does it Take to be a Full-Fledged Virtual CISO?,

Almost half of MSP clients fell victim to a cyberattack within the last 12 months. In the SMB world, the danger is especially acute as only 50% of SMBs have a dedicated internal IT person to take care of cybersecurity. No wonder cybercriminals are targeting SMBs so heavily. No wonder SMBs are increasingly willing to pay a subscription or retainer to gain access to expert C-level cyber-assistance

,

Almost half of MSP clients fell victim to a cyberattack within the last 12 months. In the SMB world, the danger is especially acute as only 50% of SMBs have a dedicated internal IT person to take care of cybersecurity. No wonder cybercriminals are targeting SMBs so heavily. No wonder SMBs are increasingly willing to pay a subscription or retainer to gain access to expert C-level cyber-assistance

, ,
https://thehackernews.com/2023/05/download-ebook-what-does-it-take-to-be.html

Grâce aux « passkeys », Google signe le « début de la fin des mots de passe »

Grâce aux « passkeys », Google signe le « début de la fin des mots de passe »,

google

Se connecter à son compte Google sans mot de passe, ni vérification en deux étapes, c’est désormais possible à compter de ce mercredi 3 mai. La méthode (« passkey » ou clé d’accès) est basée sur la norme « Fido ».

,

google

Se connecter à son compte Google sans mot de passe, ni vérification en deux étapes, c’est désormais possible à compter de ce mercredi 3 mai. La méthode (« passkey » ou clé d’accès) est basée sur la norme « Fido ».

, ,
https://www.01net.com/actualites/grace-aux-passkeys-google-signe-le-debut-de-la-fin-des-mots-de-passe.html

L’administration Biden veut mettre les géants de l’IA au pas

L’administration Biden veut mettre les géants de l’IA au pas,

joe biden

Comme un calendrier qui s’accélère. La Maison Blanche a invité les principaux dirigeants du secteur de l’IA à discuter des garde-fous à mettre en place pour atténuer, voire supprimer, les risques soulevés par les outils d’intelligence artificielle. Deux jours plus tôt, l’autorité de la concurrence, en charge de la protection des consommateurs, a aussi rappelé les règles du jeu.

,

joe biden

Comme un calendrier qui s’accélère. La Maison Blanche a invité les principaux dirigeants du secteur de l’IA à discuter des garde-fous à mettre en place pour atténuer, voire supprimer, les risques soulevés par les outils d’intelligence artificielle. Deux jours plus tôt, l’autorité de la concurrence, en charge de la protection des consommateurs, a aussi rappelé les règles du jeu.

, ,
https://www.01net.com/actualites/ladministration-biden-veut-mettre-les-geants-de-lia-au-pas.html

Apple and Google Join Forces to Stop Unauthorized Tracking Alert System

Apple and Google Join Forces to Stop Unauthorized Tracking Alert System,

Apple and Google have teamed up to work on a draft industry-wide specification that’s designed to tackle safety risks and alert users when they are being tracked without their knowledge or permission using devices like AirTags.
« The first-of-its-kind specification will allow Bluetooth location-tracking devices to be compatible with unauthorized tracking detection and alerts across Android and

,

Apple and Google have teamed up to work on a draft industry-wide specification that’s designed to tackle safety risks and alert users when they are being tracked without their knowledge or permission using devices like AirTags.
« The first-of-its-kind specification will allow Bluetooth location-tracking devices to be compatible with unauthorized tracking detection and alerts across Android and

, ,
https://thehackernews.com/2023/05/apple-and-google-join-forces-to-stop.html

Hackers Exploiting 5-year-old Unpatched Vulnerability in TBK DVR Devices

Hackers Exploiting 5-year-old Unpatched Vulnerability in TBK DVR Devices,

Threat actors are actively exploiting an unpatched five-year-old flaw impacting TBK digital video recording (DVR) devices, according to an advisory issued by Fortinet FortiGuard Labs.
The vulnerability in question is CVE-2018-9995 (CVSS score: 9.8), a critical authentication bypass issue that could be exploited by remote actors to gain elevated permissions.
« The 5-year-old vulnerability (

,

Threat actors are actively exploiting an unpatched five-year-old flaw impacting TBK digital video recording (DVR) devices, according to an advisory issued by Fortinet FortiGuard Labs.
The vulnerability in question is CVE-2018-9995 (CVSS score: 9.8), a critical authentication bypass issue that could be exploited by remote actors to gain elevated permissions.
« The 5-year-old vulnerability (

, ,
https://thehackernews.com/2023/05/hackers-exploiting-5-year-old-unpatched.html

CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units

CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released an Industrial Control Systems (ICS) advisory about a critical flaw affecting ME RTU remote terminal units.
The security vulnerability, tracked as CVE-2023-2131, has received the highest severity rating of 10.0 on the CVSS scoring system for its low attack complexity.
« Successful exploitation of this

,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released an Industrial Control Systems (ICS) advisory about a critical flaw affecting ME RTU remote terminal units.
The security vulnerability, tracked as CVE-2023-2131, has received the highest severity rating of 10.0 on the CVSS scoring system for its low attack complexity.
« Successful exploitation of this

, ,
https://thehackernews.com/2023/05/cisa-issues-advisory-on-critical-rce.html

Voici les 20 mots de passe les plus utilisés en France… et c’est vraiment triste

Voici les 20 mots de passe les plus utilisés en France… et c’est vraiment triste,

mots passe

Les Français continuent de choisir des mots de passe non sécurisés. D’après une étude de NordPass, les internautes ne parviennent pas à changer leurs habitudes. Ils utilisent encore et toujours des codes d’accès qu’un pirate peut « cracker » en moins d’une seconde… Découvrez la liste des mots de passe à ne surtout pas utiliser.

,

mots passe

Les Français continuent de choisir des mots de passe non sécurisés. D’après une étude de NordPass, les internautes ne parviennent pas à changer leurs habitudes. Ils utilisent encore et toujours des codes d’accès qu’un pirate peut « cracker » en moins d’une seconde… Découvrez la liste des mots de passe à ne surtout pas utiliser.

, ,
https://www.01net.com/actualites/voici-20-mots-de-passe-plus-utilises-france-vraiment-triste.html