MFA
Beyond Traditional Vendor Management: Navigating AI Risks in the Supply Chain
There are many ways in which AI is increasing risk, extending beyond third parties to affect all aspects of our security programs ...
What is Strong Authentication in Cybersecurity?
Strong authentication goes beyond passwords by layering multiple independent verification methods—like biometrics, smart devices, and tokens. Learn how it strengthens your cyber defenses, meets compliance standards, and earns customer trust in today’s ...
Top 9 User Authentication Methods to Stay Secure in 2025
Discover the top authentication methods shaping digital security in 2025. From passwordless login and adaptive MFA to biometrics and secure passkeys, learn how to protect your digital identities effectively. Strengthen security and ...
Stopping MFA Fatigue Attacks Before They Start: Securing Your Entry Points
MFA Fatigue Attacks on the Rise Yet another challenge is undermining the effectiveness of MFA: MFA fatigue attacks. In an MFA fatigue attack (sometimes also referred to as an “MFA bombing” or ...
Cybersecurity Insights with Contrast CISO David Lindner | 03/07/25
Insight No. 1. — Ransomware groups are using CISA’s KEV catalog as a runbook Given that CISA's Known Exploited Vulnerabilities (KEV) catalog highlights the most actively exploited and critical Common Vulnerabilities and ...
Research on Compromised Credentials
Osterman Research Exposes the Growing Risk The new Osterman Research report, Safeguarding Identity Security: We Need to Talk About MFA, surveyed 126 identity, IAM, and cybersecurity leaders from U.S. companies averaging 3,400 ...
Google Cloud’s Multi-Factor Authentication Mandate: Setting a Standard or Creating an Illusion of Security?
Google Cloud recently announced that it will require all users to adopt multi-factor authentication (MFA) by the end of 2025, joining other major cloud providers like Amazon Web Services (AWS) and Microsoft ...
Astaroth: A New 2FA Phishing Kit Targeting Gmail, Yahoo, AOL, O365, and 3rd-Party Logins
Phishing attacks continue to evolve, pushing even the most secure authentication methods to their limits. First advertised on cybercrime networks in late January 2025, Astaroth is a brand new phishing kit that ...
Astaroth: A New 2FA Phishing Kit Targeting Gmail, Yahoo, AOL, O365, and 3rd-Party Logins
Phishing attacks continue to evolve, pushing even the most secure authentication methods to their limits. First advertised on cybercrime networks in late January 2025, Astaroth is a brand new phishing kit that ...
Ransomware Threats, Led by FunkSec, Rise to New Heights
Ransomware attacks surged to a record high in December 2024, with 574 incidents reported, according to an NCC Group report. FunkSec, a newly identified group combining hacktivism and cybercrime, accounted for over ...
