account protection

Microsoft, Google widen passkey support for its users
Since 2013, the first Thursday in May is marked as World Password Day, a day dedicated to raising awareness about the need for using strong, unique passwords to secure out …

Okta warns customers about credential stuffing onslaught
Credential stuffing attacks have exploded this April, Okta warns, and advises its customers to use available tools to block access requests originating from residential …

Apple debuts new feature to frustrate iPhone thieves
Besides fixing an actively exploited zero-day vulnerability, the latest update for the iOS 17 branch offers a new feature to help you protect your accounts and sensitive …

SEC’s X account hacked to post fake news of Bitcoin ETF approval
Someone has hijacked the X (formerly Twitter) account of the US Securities and Exchange Commission (SEC), and posted an announcement saying the agency has decided to allow the …

Microsoft introduces new access policies in Entra to boost MFA usage
As part of a broader initiative to strengthen security, Microsoft is rolling out Microsoft-managed Conditional Access policies in Entra ID (formerly Azure Active Directory) to …

Amazon: AWS root accounts must have MFA enabled
Amazon wants to make it more difficult for attackers to compromise Amazon Web Services (AWS) root accounts, by requiring those account holders to enable multi-factor …

Google extends passkeys to Google Workspace accounts
After making passkeys available for consumers in early May, Google is now rolling them out for Google Workspace and Google Cloud accounts. This feature will soon be available …

You can now use passkeys to log in to your Google account
Users can now create passkeys for their Google account, the company has announced on Wednesday. Passkeys will enable users to sign in to their Google account on all major …

Google Authenticator updated, finally allows syncing of 2FA codes
Google has updated Google Authenticator, its mobile authenticator app for delivering time-based one-time authentication codes, and now allows users to sync (effectively: back …

WhatsApp announces features to prevent account takeover
WhatsApp will be rolling out three new security features in the coming months, to provide users with increased privacy and control over their messages and to help prevent …

Twitter will start charging users for SMS-based 2FA option
Twitter has announced that starting with March 20, users who don’t pay the Twitter Blue subscription will no longer be able to use the SMS-based two-factor …

Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts
Malicious third-party OAuth apps with an evident “Publisher identity verified” badge have been used by unknown attackers to target organizations in the UK and …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware