SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Monday, May 5th: Steganography Challenge; Microsoft Makes Passkeys Default and Moves Away from Authenticator as Password Manager; Magento Components Backdoored.
May 5, 2025
A new steganography challenge has listeners decoding hidden messages, with solutions to come soon. Microsoft is pushing Passkeys as the default login method, aiming for a password-free future. Big changes are on the horizon as Microsoft Authenticator will no longer serve as a password safe, shifting users to Edge's password prefill. Meanwhile, alarm bells ring as backdoors in Magento components are discovered, activating after years of dormancy, raising questions about vendor security.
AI Snips
Chapters
Transcript
Episode notes
Steganography Challenge Released
- Diddy published a fun steganography challenge with a sample image using a new method.
- Participants can submit solutions for prizes, with a RAW 13 encoded hint provided for help.
Microsoft Pushes Passkeys Default
- Microsoft is making passkeys the default and only login method for new accounts.
- Without Microsoft Authenticator, users will still need passwords, limiting full adoption.
Move Passwords From Authenticator
- Microsoft Authenticator will no longer support password management starting June.
- Users must move credentials to Microsoft Edge's password manager by August.