#authentication-security

[ follow ]
#sim-swap-attacks #mobile-identity-verification #account-takeover
Information security
fromSecurityWeek
1 week ago

SIM Swaps Expose a Critical Flaw in Identity Security

SIM swap attacks exploit structural weaknesses in mobile-based identity verification, allowing criminals to intercept authentication codes and take over accounts by transferring victims' phone numbers to attacker-controlled SIM cards.
Information security
fromSecurityWeek
2 weeks ago

Honeywell, Researcher Clash Over Impact of Building Controller Vulnerability

A researcher discovered that Honeywell's IQ4 building controller exposes unauthenticated web interfaces and allows remote administrator account creation, but Honeywell disputes the severity, claiming the vulnerability only exists during installation before the system becomes operational.
Information security
fromThe Hacker News
3 months ago

Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update

Entra ID sign-ins will restrict scripts to trusted Microsoft domains via updated CSP, blocking injected code and preventing XSS starting October 2026.
[ Load more ]