Network Access Control
December 05, 2011 Added by:Headlines
"A rainbow table is a list of pre-computed hashes - the numerical value of an encrypted password, used by most systems today - and that’s the hashes of all possible password combinations for any given hashing algorithm mind..."
November 21, 2011 Added by:Headlines
Are you using the password “password” or “123456″? If so congratulations, you are using one of the top two worst and easiest to guess passwords on the internet. Splashdata creates an annual list of the worst passwords to use on the net, and here are the top 10 for 2011...
November 09, 2011 Added by:Kevin Somppi
It is impossible to prove that a platform or program has no bugs; however, if you take the time to reasonably test and find the obvious vulnerabilities, and challenge the access which your user community has been granted, you stand a better chance of not being compromised...
November 07, 2011 Added by:Headlines
"We are shifting our investments to activities that promise more convergence with the threat and that recognize the needs of the DoD. Malicious cyber attacks are not merely an existential threat to our bits and bytes. They are a real threat to our physical systems..."
October 26, 2011 Added by:Javvad Malik
Having a long padded out password isn’t enough. Because there are a whole multitude of things that should be taken into consideration before declaring something is the answer to all your security issues. It’s a security concept called defense in depth...
October 13, 2011 Added by:Dan Dieterle
The United States has been ravished electronically by infiltrating sources that have pilfered military secrets, financial information and account credentials. According to some, our national infrastructure has also been infiltrated and key systems backdoored...
October 06, 2011 Added by:Emmett Jorgensen
There are many different ways that secure devices are being used as platforms for collaborative technologies to address growing market requirements. The ability to secure activities anywhere, at any time, from any machine is something that will gain traction over the next few years...
October 06, 2011 Added by:Headlines
“An attacker could inject a cookie stealer combined with jQuery’s .hide() and harvest cookies which can, ironically enough, be exploited by using the admin panel provided by sloppy American Express developers," Femerstrand explained in a blog post...
September 30, 2011 Added by:Robert Siciliano
Here we are in 2011 and well over half a billion records have been breached. While not all of the compromised records were held by financial institutions or were accounts considered “high-risk”, many of those breached accounts have resulted in financial fraud or account takeover...
September 26, 2011 Added by:Dan Dieterle
Sometimes a penetration tester may have remote access to a user’s machine, but he may not have the password, or the user has a very long complex password that would take too long to crack. Backtrack 5′s Metasploit Framework has a utility for capturing keys pressed on a target machine...
September 01, 2011 Added by:Headlines
Hurtado accessed U.S. Bank’s computer system and changed the contact information for the accounts of two elderly customers at the bank. After changing their contact information, Hurtado then allegedly closed these accounts and took out cashier’s checks for the balance of each account...
August 23, 2011 Added by:Christopher Hudel
One risk is that by telling people to "Sentence their password", they may be steered unconsciously to create sentences that make sense which will significantly weaken the power of apparently random words. And of course, apparently random words may ultimately prove not to be too random...
August 21, 2011 Added by:Rob Fuller
Also known as "How to practice what we preach". I don't know how long I've been telling clients that they need to have a minimum password length of 15 characters so there is no chance LM will be stored. But I've never tried setting it myself. Well, a client called me out. You can't...
August 17, 2011 Added by:Headlines
"This is a punitive model where we're trying to blame the victims of the attack. I don't think that the administration's proposal really does anything that I can see to enhance cybersecurity," said Larry Clinton, President of the Internet Security Alliance...
August 15, 2011 Added by:Headlines
Unlike other authentication systems, the breach of biometric data is difficult to remedy. Users can not simply alter the authenticating data used to access secure networks, as one would with usernames and passwords - the data is permanently and uniquely identifiable to the individual user...
August 10, 2011 Added by:Allan Pratt, MBA
I know what you’re thinking: not another post about passwords. The truth is, no matter how many times those of us in the infosec arena talk, cajole, and plead with users to create complex passwords, they don’t follow directions. Instead, they come crying to us after something bad happens...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013