Angesichts wachsender Bedrohungen und steigender regulatorischer Anforderungen durch DSGVO, PSD2 oder den Cyber Resilience Act ist die Nachfrage nach starker, phishing-resistenter Authentifizierung hoch. Eine neue Lösung stärkt die Zugangssicherheit mit PIN-Richtlinien, die Mindestlängen, Komplexität und Kontrolle standardmäßig durchsetzen. Um sich auf die sich ständig weiterentwickelnden Cyber-Bedrohungen vorzubereiten, passen Regierungen weltweit die Authentifizierungsanforderungen f...| B2B Cyber Security
Step-by-step tutorial to add Yubikey 2FA to your iCloud account. Prevent phishing and protect your Apple iPhone, iPad, or Mac.| All Things Secured
Heiko Schäfer discovered a new security issue in the Yubico yubihsm_pkcs11.so driver library, which we disclosed together to Yubico. The YubiHSM PKCS#11 client-side library is designed to interact with Yubico HSM2 hardware security modules. Due to flaws in the memory handling, the library code accidentally returns 8192 bytes of previously used process memory under some circumstances. This impacts the memory confidentiality of the calling program for some usages.| invd blog
I have discovered two new security issues in the Yubico libykpiv client-side code which were introduced as a regression in the 2.3.0 release. Flaws in the memory handling of the auth handshake procedure with a PIV smartcard could lead to memory corruption, denial of service or other unexpected behavior under some conditions. The practical security impact on tested production binaries appears to be limited.| invd blog
Thanks to Henrik Schack‘s great work in developing a WordPress Yubikey plugin, I now use two-factor hardware-assisted authentication technology (i.e., the Yubikey) to log in to my blog. Kudos, Henrik! Since my server still uses php4 (sigh), I had to Continue reading My blog uses Yubikey authentication→| Simon Josefsson's blog