Posted in Commentary with tags Netlok on April 16, 2026 by itnerd
The global cybersecurity crisis has entered a new and far more dangerous phase. Artificial intelligence has handed attackers the tools to automate credential theft at unprecedented speed, and the identity systems billions of people rely on every day — passwords, biometrics, and passkeys — are falling one by one. Netlok, LLC, a California-based cybersecurity innovator, is answering with Photolok, the first and only patented identity platform engineered from the ground up to be AI-resilient.
The numbers are staggering. The FBI’s Internet Crime Complaint Center reported $16.6 billion in cybercrime losses in 2024, a 33% surge over the prior year1. Industry researchers at Cybersecurity Ventures project global cybercrime damages will reach $10.5 trillion in 2025, up from $3 trillion in 2015 — the largest transfer of economic wealth in history2. According to Microsoft’s 2025 Digital Defense Report, more than 97% of identity attacks now rely on password spray or brute-force methods, and Microsoft alone blocks approximately 7,000 password attacks per second3.
Deepfake technology has rendered facial recognition, voice verification, and fingerprint scanning fundamentally unreliable — 47% of organizations reported experiencing deepfake-based attacks in the past year5. Passkeys, widely promoted as the successor to passwords, depend on those same compromised biometrics as their first step. According to Perez, incremental fixes no longer change attacker economics.
Photolok replaces the traditional identity and access methods with photo-based login designed around how the human brain naturally works. Users randomly receive three photos from Photolok’s custom library during setup. At login, they identify those photos from randomized visual portfolios — a process that takes ten to fifteen seconds and requires no passwords, no biometric data, and no memorized codes. Four layers of randomization — cryptographic, behavioral, temporal, and deceptive — protects the user’s identity from AI attacks with every session. Because nothing is static and nothing repeats, AI has nothing to learn, replicate, or predict.
Photolok also introduces Situational Security features that protect the person, not just the credential. Duress Photos act as a silent alarm if a user is logging in under coercion. One-Time Photos self-destruct after a single use to defeat shoulder-surfing. The technology is protected by granted patents spanning the United States, European Union, United Kingdom, Japan, Canada, Australia, and Mexico.
Netlok, LLC is a Santa Barbara, California-based cybersecurity company and creator of Photolok, a patented photo-based identity platform that eliminates passwords and resists AI-driven attacks. Founded by serial inventor Tony Perez — whose prior inventions include a patented safety syringe developed during the AIDS epidemic — ARP-IP (Perez) holds granted patents across the United States, European Union, United Kingdom, Japan, Canada, Australia, and Mexico. Photolok’s visual authentication method leverages the brain’s natural ability to recognize images, delivering an identity solution that is both ultra-secure and effortlessly human. For more information, visit www.netlok.com.
The Class of 2026 is graduating into one of the toughest entry-level job markets in years, where ‘entry-level’ roles increasingly require experience, AI is reshaping expectations, and traditional career paths feel less reliable than ever.
For many new grads, the challenge isn’t just competition. It’s knowing where to look, and how to get started in a market that no longer follows a clear path.
To make sense of this shift, LinkedIn is releasing its annual Grad’s Guide, a data-backed look at how early-career opportunities are evolving and where they’re emerging for new grads today. The guide highlights the fastest-growing jobs and industries, offering insight into where opportunities are expanding and what new grads should prioritize as they enter the workforce.
It also comes as LinkedIn rolls out AI-powered tools designed to tackle one of Gen Z’s biggest barriers: not knowing where to start. These tools help identify relevant roles, understand fit, and navigate a more fragmented job search.
Posted in Commentary with tags Hacked on April 16, 2026 by itnerd
A new malware family named ‘AgingFly’ has been identified (the link requires you to translate into English) in attacks against Ukrainian governments and hospitals that steal authentication data from Chromium-based browsers and WhatsApp messenger.
Commenting on this news is Ensar Seker, CISO at SOCRadar:
“AgingFly reflects a continued shift toward credential-centric operations, where attackers prioritize access over disruption in the initial stages. By targeting Chromium-based browsers and messaging platforms like WhatsApp, actors are going after high-value session data that enables lateral movement, impersonation, and long-term persistence rather than immediate impact.
What’s notable here is the targeting profile, government, healthcare, and potentially defense-linked entities which suggests intelligence collection and pre-positioning rather than opportunistic cybercrime. Groups like UAC-0247 are increasingly blending espionage tactics with commodity malware techniques, making detection harder. Organizations should treat browser-stored credentials and messaging session tokens as sensitive assets and move toward stronger controls like device-bound authentication, reduced credential storage, and continuous session monitoring.”
Reading through this document makes one thing clear. This is a skilled threat actor who is clearly out to set up shop for the long term. That’s the most dangerous type of threat actor to deal with. And chances are, they won’t stop at Ukraine as I fully expect them to be using the same techniques elsewhere.
The U.S. Environmental Protection Agency (EPA) has proposed $19.1 million in funding for its Information Security Program in fiscal year 2027, representing a $9.6 million increase over 2026 levels, to strengthen cybersecurity protections across water systems, support controls and secure implementation of emerging technologies, including AI.
The proposal would expand the EPA’s Drinking Water Infrastructure Resilience Grant Program to include dedicated cybersecurity funding, enabling water systems to upgrade infrastructure, improve defenses, and enhance operational resilience against cyber threats. The agency also plans to continue providing technical assistance and support to states, Tribes, and local utilities responsible for water system operations.
The initiative comes as federal agencies continue to identify cybersecurity vulnerabilities in water and wastewater systems, which rely on interconnected operational and IT environments. Is also comes after the WH’s proposed budget suggests slashing the EPA’s budget by 52%, to $4.2 billion.
Doc McConnell, Head of Policy and Compliance, Finite State:
“We know that US critical infrastructure is a visible target for our adversaries. It shouldn’t be a soft target too. It’s reassuring to see that the EPA is planning greater investment in the resilience and cybersecurity of our drinking water, especially given recent announcements about Iran-affiliated cyber actors targeting our water sector.
“I hope that Congress appreciates the urgency of this threat and understands that these types of investments are national security imperatives, not just for the water sector, but across all our critical infrastructure. Infrastructure operators across the country need additional resources to understand their risk, secure their systems, and respond quickly to incidents when they occur.”
Phil Wylie, Senior Consultant & Evangelist, Suzu Labs:
“EPA is clearly signaling that water system cybersecurity is now a critical infrastructure priority, not just an IT concern. The proposed increase, especially with dedicated funding tied to drinking water resilience, is a meaningful step. But it comes against the backdrop of a significantly reduced overall EPA budget, so the real challenge will be whether utilities and states have the resources and operational capacity to translate that funding into measurable security improvements.”
“The EPA’s proposed $19.1 million cybersecurity budget for FY 2027, a nearly 100% increase, is a drop in the bucket compared to the systemic vulnerability of U.S. water infrastructure, yet it signals a critical shift toward direct federal intervention.
“By attempting to embed cybersecurity funding into the Drinking Water Infrastructure Resilience Grant Program, the agency is finally moving past “voluntary guidance” to address the chronic underfunding of operational technology (OT) security in small and medium-sized utilities. However, this progress is threatened by a paradoxical White House proposal to slash the overall EPA budget by 52%.
“A move that would likely gut the very personnel needed to oversee these new grants and technical assistance programs. For security leaders and utility executives, the immediate priority remains securing the IT/OT boundary and remediating default credentials on Internet-exposed controllers (PLCs), as geopolitical actors continue to exploit these low-hanging fruits.
“Relying on federal grants that may be dead on arrival in Congress is not a strategy; instead, utilities must leverage existing State Revolving Funds (SRFs) and CISA’s local grant programs to harden assets before the 2027 fiscal cycle begins. All of this comes on the heels of reports that cyberattacks from the Middle East against US critical infrastructure are on the rise.
“Asking the EPA to defend national water systems while cutting half its staff is like asking a lifeguard to watch the pool from the parking lot.”
Given how critical and vulnerable that this infrastructure is, they need this and more funding. Otherwise things could easily go sideways in terms of this infrastructure getting pwned by someone.
The ShinyHunters extortion group has leaked data from 13.5 million edtech giant McGraw Hill user accounts, stolen after breaching the company’s Salesforce environment earlier this month.
Commenting on this news is Paul Bischoff, Consumer Privacy Advocate at Comparitech:
“Most of the compromised data is contact info like addresses, phone numbers, and email addresses. While that info probably can’t be used to directly steal from victims, cybercriminals could use it to craft convincing phishing messages that contain personal info. Breach victims should be on the lookout for targeted scam and phishing messages from cybercriminals posing as McGraw Hill or a related organization. Never click on links or attachments in unsolicited messages, and never send any sensitive private info in an email or text message.”
Posted in Commentary with tags Fortra on April 16, 2026 by itnerd
Fortra today announced the launch of its new Defense and Intelligence Unit (DIU), a dedicated business focused on delivering advanced, integrated cyber capabilities to critical infrastructure, defense, intelligence, and national security organizations around the world. Building on its strong momentum in this space, the DIU will operate with its own leadership and a dedicated operating model.
Leading the new unit is John Grancarich, appointed EVP, Head of Defense and Intelligence. Grancarich most recently served as Fortra’s Chief Strategy Officer, where over the past year he worked closely with elite operators, global partners, and senior mission leaders to assess emerging needs across the defense and intelligence ecosystem. These insights have informed the DIU’s design, vision, and strategy.
The DIU will invest in several strategic areas, including:
Unified data discovery, classification and protection compliant with advanced defense industry requirements
Secure data movement across contested, classified, and disconnected networks
AI-driven infrastructure testing and exposure assessments for high-risk‑ operational environments
Mission-tailored architectures, including deployable and enclave-ready solutions
Deep partnerships with global systems integrators, mission support organizations, and technology providers
Cleared facilities and talent in North America and Europe
The launch of the DIU marks a significant milestone in Fortra’s broader strategy to support regulated, high-risk, and mission-critical sectors. The unit will play an essential role in Fortra’s long-term growth while advancing global cyber resilience in partnership with allied nations and organizations.
Posted in Commentary with tags ESET on April 16, 2026 by itnerd
ESET today released its 2026 SMB Cyber Readiness Index – North America edition. This new report surveyed hundreds of small and medium-sized businesses (SMBs) from across the United States and Canada to uncover new insights into their cyber resilience, incidents and reporting, perceived threats, and investments – while analyzing the current appetite for managed services, cyber insurance and AI-powered applications.
In this new report, 87% of U.S. and 83% of Canadian SMBs said that they feel slightly to very confident that their business is cyber resilient. Across both countries, cyber resilience confidence rose to 91% and 88%, respectively, for businesses that had more than one cyber incident in the last year (over businesses that had zero or one incident during that timeframe). Across both regions, about half of respondents (47% in the U.S. and 52% in Canada) said that they don’t expect a change in cybersecurity budget this year.
In order to manage cyber-attacks, SMBs are increasingly including cyber insurance in their resilience strategies to ensure compliance, financial stability and peace of mind when incidents occur. Today, 86% of U.S. SMBs carry cyber insurance, with over half deploying specific security controls (e.g., MFA, IAM, EDR/MDR) as part of their coverage conditions. Canadian SMBs only trail slightly with 78% carrying cyber insurance. In both countries, respondents who have had more than one incident are more likely to carry insurance.
On the AI front, Canadians are more cautious about the deployment of new AI applications than their U.S. counterparts. 69% of Canadian respondents said that they are integrating AI applications into their organization compared to 81% of U.S. respondents.
The 2026 Index surveyed 700 cybersecurity decision-makers across U.S. and Canadian organizations with 25 to 1,000 endpoints, uncovering new insights into SMB cyber readiness, incident response, cybersecurity tools and management, insurance and compliance, AI strategy, and more. Here are some additional highlights from the report released today:
“Perception vs. Reality”: Are SMBs Worried About the Right Threats?
· SMBs across the U.S. (32%) and Canada (34%) say AI-powered malware is their top concern for the year ahead, a signal of how dominant AI has become in headlines and boardroom conversations.
· But the actual causes of breaches paint a very different picture. In the U.S., the leading drivers of cyber incidents remain phishing (27%), lack of security monitoring (27%) and unpatched security vulnerabilities (25%). In Canada, attacks most often stem from phishing (21%), weak passwords (20%), and insufficient security monitoring (20%).
· Meanwhile, one of the most consequential risks, supply chain compromise, barely registers among SMBs’ top concerns in the survey, ranking eighth (17%) among U.S. respondents and 10th (16%) for Canadians – despite the potential for widespread downstream impact.
· Finally, 82% of U.S. and Canadian SMBs agree that cyber warfare and global conflict pose a real threat to their business, underscoring how interconnected today’s risks are.
Cyber Insurance is Influencing Security Behavior
· Incident experience is a major driver of cyber risk insurance adoption: 95% of U.S. and 92% of Canadian SMBs that suffered multiple incidents carry insurance, compared to 77% of U.S. and 68% of Canadian businesses with no incidents.
· In both markets, insurers are playing a more direct role in shaping security posture: 55% of insured U.S. SMBs and 41% of insured Canadian SMBs are required to implement specific controls, often involving continuous monitoring or MDR‑style services, as a condition of coverage.
· Of SMBs surveyed, 16% U.S. and 19% of Canadian respondents say that they outsource some or all of their cybersecurity. Of the U.S. companies that outsource, 35% of SMBs now outsource security to a cyber insurer offering MDR, 21% use an MDR vendor, 17% rely on an MSP/MSSP with MDR, and 27% still use a traditional MSP.
· Of the Canadian companies who outsource, 27% of SMBs now outsource security to a cyber insurer offering MDR, 8% use an MDR vendor, 27% rely on an MSP/MSSP with MDR, and 38% still use a traditional MSP.
Confidence Rising Meets Increasing Attacks
· Even as confidence rises, cyberattacks remain widespread across the U.S. and Canada, reinforcing the sense that cybersecurity incidents are now an inevitable part of doing business.
· In the U.S., 54% of SMBs experienced an incident in the past 12 months, including 22% who faced multiple breaches. Canada shows a similar trend, with 46% reporting at least one incident and 12% experiencing more than one. These numbers highlight how frequently SMBs are being targeted and successfully compromised, despite increased awareness and stronger budgets.
· This growing prevalence is shaping how SMBs think about risk, pushing many to build processes that assume disruption rather than hope to avoid it altogether. In fact, organizations with multiple incidents show the highest confidence levels. In the U.S., 52% of those with repeat incidents (and 42% of Canadians) identify as “very confident,” compared to firms with only one or no incidents.
· These repeatedly targeted organizations also report the strongest budgets, with 45% of U.S. SMBs in this category describing their cybersecurity funding as “more than sufficient” and expecting additional investment increases. Canadian firms were less enthusiastic with their budget – with 25% identifying their budgets as “more than sufficient.”
· Finally, cybersecurity confidence does not always correlate with company size in the United States. Larger U.S. SMBs (500–1,000 endpoints) are less likely to deploy advanced, proactive measures such as threat detection and response (24%) than smaller SMBs (34%), indicating that operational complexity may be outpacing modernization efforts even as confidence rises.
SMBs are Still Investing in Awareness & Training
· Across both the U.S. and Canada, cyber awareness training emerges as the top investment priority for the year ahead, reinforcing the reality that human error remains the most exploited weakness in today’s attacks.
· Over 90% of SMBs in both countries say training is “critical” or “very important,” with 42% of U.S. SMBs and 43% of Canadian SMBs planning to increase these investments in the next 12 months—making it the leading budget category in both markets.
· Nearly half of SMBs now go beyond basic training: 44% of U.S. organizations and 47% in Canada use structured programs that include phishing simulations, a shift likely driven by rising concern over AI‑driven phishing techniques and deepfake‑enabled impersonation threats.
· This emphasis on strengthening the human layer aligns closely with incident data, as phishing remains a top cause of breaches (27% in the U.S., 21% in Canada), underscoring why SMBs continue to invest heavily in awareness, behavior change, and simulation‑based resilience.
ESET’s 2026 SMB Cyber Readiness Index surveyed 700 cybersecurity decision‑makers across the United States and Canada in industries such as manufacturing, construction, healthcare, retail, telecommunications, transportation, and more. This included 500 respondents from the United States and 200 from Canada with 25 to 1,000 endpoints. Notably, 67% of U.S. respondents and 51% of Canadian respondents were their company’s primary decision-makers for cybersecurity.
A threat actor surfaced on a popular hacker forum, claiming to possess data belonging to Lacoste, Ralph Lauren, Canada Goose, and Carter’s.
The threat actor shared a small batch of sample images, roughly three to four per brand. The Cybernews research team has gone through the files provided.
These screenshots appear to include employee details such as full names and work email addresses. Others hint at possible customer data, though those portions were partially redacted by the actor before being posted. The full extent of the alleged breach remains under wraps, but Cybernews has reached out to the brands for confirmation.
Data that was allegedly stolen:
Full names and work email addresses of company staff;
Screenshots showing email addresses and home addresses of customers;
Internal metadata in the form of various numerical values and system-specific data points.
The attacker states in the post that it is “supply chain data.” Cybernews researchers analyzed the technical fingerprints left behind in the samples.
“Generally, the format of this data repeats across different brands mentioned and their samples,” our researchers noted. This points toward a supply chain attack, where a third-party service provider, likely one specializing in data management or retail logistics, was the true entry point. “The data itself looks like it came from SQL server DBMS, because photo samples included specific SQL server-related metadata, such as row version numbers,” our research team explained.
“The company may have had some compromised employee accounts. It could’ve also had some system misconfigurations that led to unauthorized access to internal data without necessarily having any account credentials,” our researchers added.
Exclaimer today announced a new integration with Workday, enabling organizations to use employee data from their HR system to automatically populate email signatures and video meeting themes.
Workday counts more than 75 million users under contract globally, all of them sending emails with little to no direct connection between their HR record and their email signature. For many of these organizations, Workday is the primary system of record for employee information, from job titles to contact details. But that data often does not carry through to everyday communications. Instead, details shared in email signatures or on meeting are still maintained through an IT-managed directory, manual updates, CSV uploads, and directory workarounds.
As organizations hire and scale, this disconnect can quickly lead to outdated or inconsistent employee details. This increases the workload for IT teams and a higher risk of incorrect information appearing in business communications, undermining professionalism, trust, and compliance. These issues are especially visible during setup and onboarding, where data inconsistencies can delay deployment and create friction during evaluation and rollout.
According to Exclaimer’s recent State of Business Email report, over a third (35%) of global IT teams rank email signature management among their most time-consuming email tasks, while 80% still rely on manual methods or user self-service. Notably, in 16% of organisations, responsibility for email signatures sits with HR, second only to IT, highlighting the growing overlap between people data and everyday communications. With 92% of leaders agreeing that consistent, well-managed signatures are important for building trust and professionalism, the pressure to get this right continues to grow.
Bringing workforce data into everyday digital communications This integration allows organisations to use Workday as an employee data source within the Exclaimer platform, alongside directories such as Entra ID (Azure AD) and Google Directory. It extends existing HR and data protection controls into email signatures and meeting themes, so employee data is applied where it’s needed without being duplicated or recreated across systems.
With Workday integration, organisations can:
Use Workday as a trusted data source – Bring employee details like names, job titles, departments, and contact details directly from HR-managed records into email signatures and meeting themes.
Reduce manual updates and workarounds for IT – Move away from CSV uploads, ad hoc scripts, and directory fixes with a governed integration that keeps employee data in sync automatically.
Keep HR as the data owner while IT governs the platform – Maintain clear ownership boundaries by enabling HR to manage employee information in Workday, while IT manages access, deployment, and policy within Exclaimer.
Maintain accuracy through constant organisational change – Keep signatures and meeting themes aligned as teams grow, evolve, or go through mergers and acquisitions, without repeated clean-up cycles in the directory.
Built for communications governance and data accuracy
Trusted by more than 9 million users across 75,000 organisations worldwide, Exclaimer processes over 20 billion email signatures each year and supports branding across video conferencing platforms including Microsoft Teams, Zoom, and Google Meet.
Email signatures and meeting branding are high-volume, high-visibility touchpoints where inaccurate information is quickly noticed. Yet in many organisations, employee data is still managed separately from the systems used to deliver these communications. With the addition of Workday, Exclaimer connects HR systems directly to these channels, helping organisations keep employee details accurate, consistent, and up to date across communications that carry real weight.
Immediate availability
Exclaimer’s Workday integration is available as part of the Pro plan. Customers can connect Workday and start applying HR-managed employee data to email signatures and meeting themes.
For more information, or to see Exclaimer’s Workday integration in action, visit exclaimer.com and start a free trial.
Posted in Commentary with tags Hacked on April 16, 2026 by itnerd
Three of the most widely deployed AI agents on GitHub Actions can be hijacked into leaking the host repository’s API keys and access tokens — using GitHub itself as the command-and-control channel. Anthropic’s Claude Code Security Review, Google’s Gemini CLI Action, and Microsoft’s GitHub Copilot were targeted and disclosed the flaws but did not assigned CVEs or publish public advisories.
“AI agents embedded into developer workflows are quickly becoming part of the software supply chain, and this research highlights a structural security gap rather than an isolated bug. When an agent is granted access to GitHub Actions, secrets, and external tools, prompt injection is no longer just a data integrity issue, it becomes a privilege escalation path that can directly expose API keys, tokens, and internal automation pipelines.
The more concerning aspect is not the vulnerability itself, but the lack of transparent disclosure. Without advisories or CVEs, organizations cannot properly assess exposure, especially when many teams pin agent versions or reuse workflows across repositories. This creates a silent risk layer inside CI/CD environments, where compromised agents can operate with high trust and minimal visibility.
From a defensive standpoint, this reinforces that AI agents must be treated as untrusted code with strict isolation boundaries. Secrets should never be directly accessible to agent execution contexts, and GitHub Actions workflows need tighter scoping, short-lived credentials, and explicit approval gates. More broadly, this is a wake-up call that AI-native attack surfaces are evolving faster than vendor disclosure practices, and security teams need to assume these agents can and will be manipulated.”
“We spent twenty years building zero-trust for humans and then handed AI agents god-mode secrets with no identity layer at all. These aren’t getting hacked because they’re flawed. They’re getting hacked because nobody asked the most basic security question of all: should this thing have access to our secrets?”
“Three billion-dollar companies paid researchers for finding credential-theft vulnerabilities in their AI agents, and then told no one. No CVEs, no advisories…. If this were an OAuth library, there’d be congressional hearings. But AI gets a different set of rules and that should terrify every company running these tools in production.”
This is a #fail. Any company doing anything with AI needs to make sure that the trust level is low so that when, not if, these sorts of things happen, they are protected from the inevitable fallout.
As AI-Powered Cybercrime Surges Past $10 Trillion, California Cyber Expert Unveils the Only Authentication System Built to Withstand It
Posted in Commentary with tags Netlok on April 16, 2026 by itnerdThe global cybersecurity crisis has entered a new and far more dangerous phase. Artificial intelligence has handed attackers the tools to automate credential theft at unprecedented speed, and the identity systems billions of people rely on every day — passwords, biometrics, and passkeys — are falling one by one. Netlok, LLC, a California-based cybersecurity innovator, is answering with Photolok, the first and only patented identity platform engineered from the ground up to be AI-resilient.
The numbers are staggering. The FBI’s Internet Crime Complaint Center reported $16.6 billion in cybercrime losses in 2024, a 33% surge over the prior year1. Industry researchers at Cybersecurity Ventures project global cybercrime damages will reach $10.5 trillion in 2025, up from $3 trillion in 2015 — the largest transfer of economic wealth in history2. According to Microsoft’s 2025 Digital Defense Report, more than 97% of identity attacks now rely on password spray or brute-force methods, and Microsoft alone blocks approximately 7,000 password attacks per second3.
Deepfake technology has rendered facial recognition, voice verification, and fingerprint scanning fundamentally unreliable — 47% of organizations reported experiencing deepfake-based attacks in the past year5. Passkeys, widely promoted as the successor to passwords, depend on those same compromised biometrics as their first step. According to Perez, incremental fixes no longer change attacker economics.
Photolok replaces the traditional identity and access methods with photo-based login designed around how the human brain naturally works. Users randomly receive three photos from Photolok’s custom library during setup. At login, they identify those photos from randomized visual portfolios — a process that takes ten to fifteen seconds and requires no passwords, no biometric data, and no memorized codes. Four layers of randomization — cryptographic, behavioral, temporal, and deceptive — protects the user’s identity from AI attacks with every session. Because nothing is static and nothing repeats, AI has nothing to learn, replicate, or predict.
Photolok also introduces Situational Security features that protect the person, not just the credential. Duress Photos act as a silent alarm if a user is logging in under coercion. One-Time Photos self-destruct after a single use to defeat shoulder-surfing. The technology is protected by granted patents spanning the United States, European Union, United Kingdom, Japan, Canada, Australia, and Mexico.
Netlok, LLC is a Santa Barbara, California-based cybersecurity company and creator of Photolok, a patented photo-based identity platform that eliminates passwords and resists AI-driven attacks. Founded by serial inventor Tony Perez — whose prior inventions include a patented safety syringe developed during the AIDS epidemic — ARP-IP (Perez) holds granted patents across the United States, European Union, United Kingdom, Japan, Canada, Australia, and Mexico. Photolok’s visual authentication method leverages the brain’s natural ability to recognize images, delivering an identity solution that is both ultra-secure and effortlessly human. For more information, visit www.netlok.com.
Leave a comment »