Microsoft is rolling out passwordless login support over the coming weeks, allowing customers to sign in to Microsoft accounts without using a password. The company first allowed commercial customers to rollout passwordless authentication in their environments in March after a breakthrough year in 2020 when Microsoft reported that over 150 million users were logging into their Azure Active Directory and Microsoft accounts without using a password. Rolling out to all Microsoft accounts Starting today, Redmond announced that users are no longer required to have a password on their accounts. Instead, they can choose between the Microsoft Authenticator app, Windows Hello, a security key, or phone/email verification codes to log into Microsoft Edge or Microsoft 365 apps and services. “Now you can remove the password from your Microsoft account and sign in using passwordless methods like Windows Hello, the Microsoft Authenticator mobile app or a verification code sent to your phone o...
Apple users should immediately update all their devices — iPhones, iPads, Macs and Apple Watches — to install an emergency patch for a zero-click zero-day exploited by NSO Group to install spyware. The security updates , pushed out by Apple on Monday, include iOS 14.8 for iPhones and iPads, as well as new updates for Apple Watch and macOS. The patches will fix at least one vulnerability that the tech behemoth said “may have been actively exploited.” Citizen Lab first discovered the never-before-seen, zero-click exploit, which it detected targeting iMessaging, last month. It’s allegedly been used to illegally spy on Bahraini activists with NSO Group’s Pegasus spyware, according to the cybersecurity watchdog. The digital researchers dubbed the new iMessaging exploit ForcedEntry. Citizen Group said in August that they had identified nine Bahraini activists whose iPhones were inflicted with Pegasus spyware between June 2020 and February 2021. Some of the activists’ phones suffered ...