The Hacker News

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Fortinet confirms active exploitation of a FortiCloud SSO authentication bypass affecting fully patched FortiGate devices via SAML abuse.

Secure Your Google Ads Account Against The Rise In Hijackings

For the past year or so, I've seen a growing number of complaints about Google Ads accounts being hijacked. It seems to be getting worse, even after we covered the Google Ads account hijacks last ...

Okta SSO accounts targeted in vishing-based data theft attacks

Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks.
CSO Online

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched.

Millions of people imperiled through sign-in links sent by SMS

Websites that authenticate users through links and codes sent in text messages are imperiling the privacy of millions of ...
SecurityWeek

Why Identity Security Must Move Beyond MFA

Organizations with a comprehensive identity security strategy are better positioned to defend against evolving threats and ...

Passwordless authentication at top of healthcare IT leaders’ priorities, report shows

Imprivata’s survey found that 85% favour passwordless authentication, yet adoption lags due to technical and ...

Mandiant pushes organizations to dump insecure NTLMv1 by releasing a way to crack it

Google’s Mandiant security division has come up with an unusual tactic to persuade organizations to stop using the aged and ...

Mandiant Exposes Major Flaw In Outdated Windows Authentication

Mandiant, the Google-owned cybersecurity firm, has publicly released a comprehensive dataset of Net-NTLMv1 rainbow tables, ...

Credential-stealing Chrome extensions target enterprise HR platforms

Malicious Chrome extensions on the Chrome Web Store masquerading as productivity and security tools for enterprise HR and ERP ...

Instagram denies data breach of 17 million users after password reset email wave — here's what to do next

Instagram denied a data breach after mass password reset emails were sent by an external party over the weekend, with the ...
9to5google

Google announces the future of Gmail with AI Inbox & new AI Overview search

Google today previewed the future of Gmail, with new features like AI Overviews for search that are rolling out starting today and the upcoming ”AI Inbox.” This comes as Gmail has over 3 billion ...