Yubikey Archives

Yikes, YubiKey Vulnerable — ‘EUCLEAK’ FIDO FAIL?

Richi Jennings | September 4, 2024 | CVE-2024-45678, ECDSA, EUCLEAK, FIDO, FIDO2, Infineon, Passkeys, SB Blogwatch, YSA-2024-03, Yubikey

USB MFA SCA😱: Infineon hardware and software blamed for timing side-channel attack on popular auth tokens ...

Security Boulevard

Voice Phishers Targeting Corporate VPNs

BrianKrebs | August 19, 2020 | Allison Nixon, DomainTools, Latest Warnings, Security Keys, The Coming Storm, Unit 221B, urlscan.io, vishing, VPN phishing, Yubico, Yubikey, Zack Allen, ZeroFox

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers' networks. But one increasingly brazen ...

Krebs on Security

The FIDO Alliance Anniversary and YubiKey for RSA SecurID® Access

RSA Blog | February 12, 2020 | FIDO, FIDO Alliance, Identity Assurance, Identity Assurance Managment, RSA SecurID Access, Yubico, Yubikey

To address the risks associated with today?s dynamic workforce, customers need choice and simplicity. In commemoration of the FIDO Alliance anniversary, RSA® shares why choice is a key reason they support the ...

RSA Blog

Protecting Infrastructure With TLS Client Authentication

Pat Cable | September 12, 2019 | Dev & DevOps Knowledge, HAProxy, Multi-Factor Authentication, openssl, s_client, Security Research & Strategy, TLS, Yubikey

Here at Threat Stack we really like Yubikeys — and they’re a critical part of our security program. Many folks know Yubikeys for their ability to generate one-time codes for use as ...

Blog – Threat Stack

An Overview of Yubikey Two Factor Authentication

Majid Latif | January 29, 2019 | MFA, Multi-Factor Authentication, security, Uncategorized, Yubikey

The password is arguably the most popular and most common security measure available and yet can be the most vulnerable if not managed securely. Passwords, for example, do not provide a reliable ...

LogonBox Journal

The Shared Security Weekly Blaze – Quiet Skies TSA Surveillance Program, SIM Hijacking and the Reddit Data Breach, Sextortion Scams

Tom Eston | August 6, 2018 | ACLU, Cybersecurity, Data breach, EFF, Mobile, Podcast Episodes, Privacy, Quiet Skies, reddit, sextortion, SIM Hijacking, SMS, surveillance, tsa, two factor authentication, Weekly Blaze Podcast, Yubikey

This is the Shared Security Weekly Blaze for August 6, 2018 sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions and Silent Pocket. This episode was ...

Shared Security

Google: Security Keys Neutralized Employee Phishing

BrianKrebs | July 23, 2018 | Chrome, Dashlane, dropbox, Duo Security, edge, facebook, FIDO Alliance, Firefox, Firefox Quantum, GitHub, Google Advanced Protection, KeePass, lastpass, Microsoft, opera, Safari, Security Keys, Security Tools, U2F, Web Authentication API, WebAuthn, World Wide Web Consortium, Yubikey

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of ...

Krebs on Security