Recently released court documents show that European-based cinema chain Pathé lost a small fortune to a business email compromise (BEC) scam in March 2018. How much? An astonishing US$21.5 million (roughly 19 million euros). The attack, which ran for about a month, cost the company 10 percent of its total earnings. What is business email compromise? Business email compromise is a type of phishing … [Read more...]
November 19, 2018
October 17, 2018
Is FIDO the future instrument to prove our identity?
FIDO, short for Fast IDentity Online, is an industry consortium started in 2013 to address the lack of interoperability among strong authentication devices and the problems users face creating and remembering multiple usernames and passwords. Among the founders were those who work in the financial sector, device manufacturers, and providers of authentication solutions. What is FIDO? According to … [Read more...]
September 21, 2018
Simple Authentication and Security Layer (SASL) vulnerabilities
Simple Authentication and Security Layer (SASL) is an authentication layer used in Internet protocols. SASL is not a protocol, but rather a framework that provides developers of applications and shared libraries with mechanisms for authentication, data integrity–checking, and encryption. Within the framework and a few of its plugins, there are a couple of known vulnerabilities that we want to make … [Read more...]
