authentication
Aegis Authenticator: Free, open-source 2FA app for Android
Aegis Authenticator is an open-source 2FA app for Android that helps you manage login codes for your online accounts. The app features strong encryption and the ability to …
NTLM relay attacks are back from the dead
NTLM relay attacks are the easiest way for an attacker to compromise domain-joined hosts. While many security practitioners think NTLM relay is a solved problem, it is not – …
ClickFix attacks skyrocketing more than 500%
ClickFix, a deceptive attack method, saw a surge of more than 500% in the first half of 2025, making it the second most common attack vector after phishing, according to …
Why should companies or organizations convert to FIDO security keys?
In this Help Net Security interview, Alexander Summerer, Head of Authentication at Swissbit, explains how FIDO security keys work, what threats they address, and why they’re …
Strategies to secure long-life IoT devices
In this Help Net Security interview, Rob ter Linden, CISO at Signify, discusses priorities for CISOs working on IoT security, including the need for compliant infrastructure, …
Balancing cybersecurity and client experience for high-net-worth clients
In this Help Net Security interview, Renana Friedlich-Barsky, EVP and CISO at LPL Financial, discusses how threat actors are targeting high-net-worth clients and exploiting …
Product showcase: Secure digital and physical access with the Swissbit iShield Key 2
To meet today’s complex security requirements, organizations need solutions that are not only secure, but also practical and scalable. The Swissbit iShield Key 2 offers a …
Hanko: Open-source authentication and user management
Hanko is an open-source, API-first authentication solution purpose-built for the passwordless era. “We focus on helping developers and organizations modernize their …
New Microsoft accounts will be “passwordless by default”
Microsoft is making new Microsoft accounts passwordless by default, the company has announced on Thursday, which marked this year’s World Password Day. “As part of …
What’s worth automating in cyber hygiene, and what’s not
Cyber hygiene sounds simple. Patch your systems, remove old accounts, update your software. But for large organizations, this gets messy fast. Systems number in the thousands. …
The UK’s phone theft crisis is a wake-up call for digital security
Phone theft is now commonplace in London. The Met Police recently revealed that it seizes 1,000 stolen phones weekly as it cracks down on organized criminal networks driving …
The future of authentication: Why passwordless is the way forward
By now, most CISOs agree: passwords are the weakest link in the authentication chain. They’re easy to guess, hard to manage, and constantly reused. Even the most complex …
Featured news
Resources
Don't miss
- Stop settling for check-the-box cybersecurity policies
- Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257)
- FAPI 2.0: How the OpenID Foundation is enabling scalable interoperability in global healthcare
- pqcscan: Open-source post-quantum cryptography scanner
- Bitdefender PHASR: Proactive hardening demo overview