CSOonline

PoisonSeed outsmarts FIDO keys without touching them

The novel technique exploits the cross-device sign-in option on FIDO to create an authenticated session controlled by attackers. PoisonSeed, the notorious crypto-hacking attack group known for ...
Ars Technica

Found a FIDO Security Key - now what

As we were walking the dog, the SO said "there's a flash drive"; turned out to be a FIDO key instead. Figuring someone might be desperately missing it, I took it home, and posted on NextDoor. Now I ...
Business Wire

Thales Introduces New FIDO Key Lifecycle Management Solution to Enable Secure Authentication at Scale

MEUDON, France--(BUSINESS WIRE)--Thales, the leading global technology and security provider, today announced the launch of OneWelcome FIDO Key Lifecycle Management, a new solution to help large ...

Kensington Expands VeriMark Portfolio with New NFC+ USB-C and USB-A FIDO2 Level 2 Security Keys

Kensington announced the addition of two new NFC+ hardware security keys to its family of VeriMark security products.
Bleeping Computer

New Eucleak attack lets threat actors clone YubiKey FIDO keys

A new "EUCLEAK" flaw found in FIDO devices using the Infineon SLE78 security microcontroller, like Yubico's YubiKey 5 Series, allows attackers to extract Elliptic Curve Digital Signature Algorithm ...
Dark Reading

FIDO Authentication Poised for Continued Growth as Alliance Submits FIDO 2.0 Web API to W3C

Tokyo, Japan and Mountain View, Calif., – November 20, 2015… The FIDO® (Fast IDentity Online) Alliance (https://www.fidoalliance.org/), an industry consortium ...