Expert(s):
VP of Solution Engineeringfeature_status*/ ?>
OneLogin

Comments Dotted : 29
February 15, 2021

Security Expert Reaction On U.S CBP Uses Facial Recognition To Verify Travelers
While biometrics have a role to play in identification, it does face significant limitations.

We should not assume that the CBP facial recognition tools have failed simply by a lack of imposter identification, as this may simply be the result of fewer individuals attempting to enter the country as a result of Covid. Nevertheless, while biometrics have a role to play in identification, it does face significant limitations. Most people don’t realise that Biometric authentication relies on a probabilistic model, not deterministic. When comparing a facial or fingerprint scan to the stored

.....Read More

We should not assume that the CBP facial recognition tools have failed simply by a lack of imposter identification, as this may simply be the result of fewer individuals attempting to enter the country as a result of Covid. Nevertheless, while biometrics have a role to play in identification, it does face significant limitations. Most people don’t realise that Biometric authentication relies on a probabilistic model, not deterministic. When comparing a facial or fingerprint scan to the stored value, the system accepts a degree of variation. This is called the False Acceptance Rate (FAR) metric, which is the probability that the system will incorrectly identify a user as valid. Realising that facial recognition is simply verifying that the scan is ‘similar’ to the stored image, you can see that there is a real risk that the CBP tools are not detecting skillful imposters.

  Read Less
December 18, 2020

Expert Reacted On Manchester To Explore Biometrics For Transport, Education And Health Services
Yes, biometrics have a role to play.
All too often, biometrics are seen as the panacea for solving the difficult task of accurately and securely identifying people with a seamless user experience. Yes, biometrics have a role to play, but they have important limitations, and if not deployed in the right way, they pose a significant risk. First of all, biometric identification is not 100% accurate — it relies on the probability of the facial or fingerprint scan, for example, belonging to the user, and operates with what is often .....Read More
All too often, biometrics are seen as the panacea for solving the difficult task of accurately and securely identifying people with a seamless user experience. Yes, biometrics have a role to play, but they have important limitations, and if not deployed in the right way, they pose a significant risk. First of all, biometric identification is not 100% accurate — it relies on the probability of the facial or fingerprint scan, for example, belonging to the user, and operates with what is often a relatively high False Acceptance Rate (the chance that the user is not who the system thinks they are). Secondly, if a biometric scan is ever compromised, there is no method for a user to get a new fingerprint or facial scan — you can’t just change it like you do a password. Thirdly, and most importantly, the biometric design proposed for Manchester requires every individual’s biometric vein pattern to be stored in a central government system which will become a prime target for hackers. A much more secure way to leverage biometrics is to rely on fingerprint and facial scanning functionality now available on most smartphones combined with a modern authentication standard like WebAuthn which includes protection against phishing and other forms of identity theft.  Read Less
December 17, 2020

Face Verification And Multi-user SMS 2FA Options Added To SingPass – Expert Reaction
Face verification technology is certainly a stronger form of 2FA than SMS.
GovTech can be applauded for recognising that once size does not fit all when it comes to security, particularly with the introduction of multi-user SMS. Even though SMS OTP is vulnerable to SIM take-over and phishing-based attacks, introducing it as a second authentication factor greatly reduces the overall likelihood of attacks being successful. Face verification technology is certainly a stronger form of 2FA than SMS, but GovTech’s implementation of a government-owned centralised.....Read More
GovTech can be applauded for recognising that once size does not fit all when it comes to security, particularly with the introduction of multi-user SMS. Even though SMS OTP is vulnerable to SIM take-over and phishing-based attacks, introducing it as a second authentication factor greatly reduces the overall likelihood of attacks being successful. Face verification technology is certainly a stronger form of 2FA than SMS, but GovTech’s implementation of a government-owned centralised database of biometric information makes it a prime target for criminals who focus on compromising data stores that contain sensitive data for millions of users. A better approach would have been to rely on device-based biometrics that are already ubiquitous on smartphones, laptops and tablets. Biometric information would only be stored on the user’s personal device, with no central data store for hackers to target, and can leverage modern authentication standards like WebAuthn which have built-in protection against phishing attacks.  Read Less
November 17, 2020

Experts Reacted On Lazarus Malware Strikes South Korean Supply Chains
Maintaining good cybersecurity requires keeping an eye on the basics.
What has transpired here highlights how cybersecurity does not operate within a vacuum. Maintaining good cybersecurity requires keeping an eye on the basics, and ensuring that the organisations you partner with in the supply chain do as well - as the saying goes, your security is only as strong as your weakest link. In this instance, the South Korean government should ensure that the software manager verifies the owner of the certificate, and that all organisations within their supply chain are .....Read More
What has transpired here highlights how cybersecurity does not operate within a vacuum. Maintaining good cybersecurity requires keeping an eye on the basics, and ensuring that the organisations you partner with in the supply chain do as well - as the saying goes, your security is only as strong as your weakest link. In this instance, the South Korean government should ensure that the software manager verifies the owner of the certificate, and that all organisations within their supply chain are adhering to a standard set of cyber hygiene rules as well as performing regular security audits. This is particularly true if they are requiring users to download software to access certain services.  Read Less
September 24, 2020

Comment: Vulnerability allows hackers full access to Instagram accounts
By allowing remote access to an Instagram account, the attackers could use this for any purpose they wish.
This vulnerability shows just how vulnerable our online accounts are. By allowing remote access to an Instagram account, the attackers could use this for any purpose they wish, including blackmail or the compromise of high-profile or corporate Instagram accounts. Instagram must work as quickly as possible to patch this vulnerability - Service providers have a duty of care to their users to follow security best practices — the discovery of a vulnerability like this should prompt a service.....Read More
This vulnerability shows just how vulnerable our online accounts are. By allowing remote access to an Instagram account, the attackers could use this for any purpose they wish, including blackmail or the compromise of high-profile or corporate Instagram accounts. Instagram must work as quickly as possible to patch this vulnerability - Service providers have a duty of care to their users to follow security best practices — the discovery of a vulnerability like this should prompt a service provider to go back to the drawing board and have a radical rethink of their approach to security.  Read Less
September 18, 2020

NCSC warns of ransomware attacks against UK universities – experts reaction
Security awareness training is also key in preventing employees and students from falling for phishing attacks.
The education sector is no different from any other industry, COVID-19 has accelerated its digital transformation programs. Accompanying this is a rise in ransomware attacks as we’ve seen in recent headlines. Fortunately, securing such institutions from an attack largely comes down to cyber hygiene - steps that have been laid out by the NCSC. Chief among them is the implementation of multi-factor authentication. This reduces the risk of attack by increasing the complexity of the exploit for.....Read More
The education sector is no different from any other industry, COVID-19 has accelerated its digital transformation programs. Accompanying this is a rise in ransomware attacks as we’ve seen in recent headlines. Fortunately, securing such institutions from an attack largely comes down to cyber hygiene - steps that have been laid out by the NCSC. Chief among them is the implementation of multi-factor authentication. This reduces the risk of attack by increasing the complexity of the exploit for the malicious attacker, as they must gain access to multiple authentication factors such as password, one-time token, and/or certificates. Generally speaking, they have a short period of time to do this prior to the authentication attempt expiring. Security awareness training is also key in preventing employees and students from falling for phishing attacks, a common attack vector. While the NCSC’s guide is helpful, it is irrelevant if educational institutions do not take action to apply the necessary measures.  Read Less
August 12, 2020

Comment: Upgraded Agent Tesla malware steals passwords from browsers, VPNs
Businesses should also consider moving away from their dependency on passwords.
Any malware with the capability of stealing passwords is very concerning given that they are traditionally a first line of defense for most websites and applications. It is even more concerning that they are able to steal passwords from VPNs which have become increasingly important in recent months for businesses functioning in the remote/hybrid working model ushered in by the COVID 19 pandemic. In order to prevent attackers from infiltrating deeper, both organisations and consumers alike need.....Read More
Any malware with the capability of stealing passwords is very concerning given that they are traditionally a first line of defense for most websites and applications. It is even more concerning that they are able to steal passwords from VPNs which have become increasingly important in recent months for businesses functioning in the remote/hybrid working model ushered in by the COVID 19 pandemic. In order to prevent attackers from infiltrating deeper, both organisations and consumers alike need to implement Multi-Factor Authentication (MFA). MFA Apps, hard tokens, biometrics, or one-time passwords prevent 99.9% of account takeovers and are instrumental if you want to defend against keyloggers. Businesses should also consider moving away from their dependency on passwords by taking advantage of the latest innovations in passwordless authentication.  Read Less
April 29, 2020

Expert Insight On Hackers Are Creating Backdoor Accounts And Cookie Files On WordPress Sites Running OneTone
Considering that over 75 million sites use WordPress, it’s not surprising that it’s a prime target for hackers searching out vulnerabilities.
Considering that over 75 million sites use WordPress, it’s not surprising that it’s a prime target for hackers searching out vulnerabilities. At the moment, bad actors are targeting sites running the OneTone theme to exploit a vulnerability that allows them to create backdoor admin accounts or inject malicious code inside the theme’s settings. For organiations running multiple WordPress sites, they should prioritise work based on a risk assessment of the services offered by each exposed.....Read More
Considering that over 75 million sites use WordPress, it’s not surprising that it’s a prime target for hackers searching out vulnerabilities. At the moment, bad actors are targeting sites running the OneTone theme to exploit a vulnerability that allows them to create backdoor admin accounts or inject malicious code inside the theme’s settings. For organiations running multiple WordPress sites, they should prioritise work based on a risk assessment of the services offered by each exposed website, e.g. payment processing, authentication credentials and PII data. Keeping on top of security alerts and taking timely action in response to published vulnerabilities is vital. In addition, Multi-Factor Authentication (MFA) should be enforced across all applications to reduce the impact of attacks like this, particularly for administrator access.  Read Less
April 08, 2020

Email.it Data Breach Exposes 600,000 Users – Expert Commentary
The data now hosted on dark web forums will move into the cybercriminal supply chain.
This is of course a significant worry for users of Email.it, and for the company itself whose brand reputation and security posture will suffer as a result of this breach. They may also find themselves in breach of legislation such as GDPR, which could incur fines sizeable enough to have a serious affect on the company’s bottom line. Applying proactive measures such as two-factor authentication and other access controls as part of an enterprise’s standard privacy requirements can help to.....Read More
This is of course a significant worry for users of Email.it, and for the company itself whose brand reputation and security posture will suffer as a result of this breach. They may also find themselves in breach of legislation such as GDPR, which could incur fines sizeable enough to have a serious affect on the company’s bottom line. Applying proactive measures such as two-factor authentication and other access controls as part of an enterprise’s standard privacy requirements can help to stop or mitigate the harm caused by incidents such as this. The data now hosted on dark web forums will move into the cybercriminal supply chain, working as fuel for further breaches, phishing attacks, malware distribution, data harvesting and in the most extreme cases wholesale identity theft. Stopping these breaches at the source will work to stop the cycle starting again, but in the meantime, Email.it needs to assist every user affected by the breach, urging them to ensure they update their credentials on any websites where they have used the same password, enable two-factor authentication on as many websites as possible, and consider signing up for a free credit rating monitor service.  Read Less
March 06, 2020

Experts Insight On News: Virgin Media Data Breach Affects 900,000 People
Misconfiguration is a term used really to hide the fact baseline controls haven’t been put in place like privileged user access controls.
We are still seeing service providers failing to follow fundamental best practices to secure their customers’ data. The fact the data was accessed without the need for advanced hacking techniques using a misconfiguration that was in place for 10 months highlights how important it is to carry out regular security reviews of systems holding sensitive data, and to put in place access control monitoring and alerting. Any company holding personal data of millions of people should be protecting all .....Read More
We are still seeing service providers failing to follow fundamental best practices to secure their customers’ data. The fact the data was accessed without the need for advanced hacking techniques using a misconfiguration that was in place for 10 months highlights how important it is to carry out regular security reviews of systems holding sensitive data, and to put in place access control monitoring and alerting. Any company holding personal data of millions of people should be protecting all of their applications and databases using a central access control platform with strong multi-factor authentication rules in place. Access Control is fundamental to protecting systems and databases, its security 101. Misconfiguration is a term used really to hide the fact baseline controls haven’t been put in place like privileged user access controls.  Read Less