Identity & Access Archives – SecurityWeek Cybersecurity News, Insights & Analysis
- Passkey Login Bypassed via WebAuthn Process Manipulationby Eduard Kovacs on August 14, 2025 at 9:09 am
Researchers at enterprise browser security firm SquareX showed how an attacker can impersonate a user and bypass passkey security. The post Passkey Login Bypassed via WebAuthn Process Manipulation appeared first on SecurityWeek.
- 1Kosmos Raises $57 Million for Identity Verification and Authentication Platformby Eduard Kovacs on August 12, 2025 at 1:00 pm
1Kosmos has raised $57 million in Series B funding, which brings the total raised by the company to $72 million. The post 1Kosmos Raises $57 Million for Identity Verification and Authentication Platform appeared first on SecurityWeek.
- Help Desk at Risk: Scattered Spider Shines Light on Overlook Threat Vectorby Torsten George on August 8, 2025 at 2:00 pm
As attackers target help desks and identity systems, traditional security perimeters are proving insufficient against agile, socially-engineered threats. The post Help Desk at Risk: Scattered Spider Shines Light on Overlook Threat Vector appeared first on SecurityWeek.
- PLoB: A Behavioral Fingerprinting Framework to Hunt for Malicious Loginsby Kevin Townsend on August 6, 2025 at 3:54 pm
Splunk researchers developed a system to fingerprint post-logon behavior, using AI to find subtle signals of intrusion. The post PLoB: A Behavioral Fingerprinting Framework to Hunt for Malicious Logins appeared first on SecurityWeek.
- Who’s Really Behind the Mask? Combatting Identity Fraudby Etay Maor on July 31, 2025 at 1:30 pm
Why context, behavioral baselines, and multi-source visibility are the new pillars of identity security in a world where credentials alone no longer cut it. The post Who’s Really Behind the Mask? Combatting Identity Fraud appeared first on SecurityWeek.
- Palo Alto Networks to Acquire CyberArk for $25 Billionby Mike Lennon on July 30, 2025 at 1:26 pm
Strategic acquisitions marks Palo Alto Networks’ formal entry into the identity security space and accelerates its platform strategy. The post Palo Alto Networks to Acquire CyberArk for $25 Billion appeared first on SecurityWeek.
- Booz Allen Invests in Machine Identity Firm Corshaby Kevin Townsend on July 10, 2025 at 12:00 pm
‘Machine identities’, often used interchangeably with ‘non-human identities’ (NHIs), have been increasing rapidly since the start of digital transformation. The post Booz Allen Invests in Machine Identity Firm Corsha appeared first on SecurityWeek.
- Thousands of SaaS Apps Could Still Be Susceptible to nOAuthby Kevin Townsend on June 25, 2025 at 1:50 pm
New research suggests more than 10,000 SaaS apps could remain vulnerable to a nOAuth variant despite the basic issue being disclosed in June 2023. The post Thousands of SaaS Apps Could Still Be Susceptible to nOAuth appeared first on SecurityWeek.
- Identity Is the New Perimeter: Why Proofing and Verification Are Business Imperativesby Torsten George on June 24, 2025 at 11:00 am
The future of secure digital engagement depends on continuous identity verification and proofing that can scale with risk. The post Identity Is the New Perimeter: Why Proofing and Verification Are Business Imperatives appeared first on SecurityWeek.
- Russian Hackers Bypass Gmail MFA With App-Specific Password Ruseby Ryan Naraine on June 18, 2025 at 6:55 pm
Russian hackers posed as US State Department staff and convinced targets to generate and give up Google app-specific passwords. The post Russian Hackers Bypass Gmail MFA With App-Specific Password Ruse appeared first on SecurityWeek.
