Blog Posts Tagged with "Passwords"

D8853ae281be8cfdfa18ab73608e8c3f

Minimum Password Lengths of 15 or More via GPO

August 21, 2011 Added by:Rob Fuller

Also known as "How to practice what we preach". I don't know how long I've been telling clients that they need to have a minimum password length of 15 characters so there is no chance LM will be stored. But I've never tried setting it myself. Well, a client called me out. You can't...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Vanguard Defense Industries Hit by AntiSec Hackers

August 16, 2011 Added by:Headlines

The AntiSec hacker collective has breached the email accounts of defense contractor Vanguard Defense Industries. The firm was targeted due to their relationships with law enforcement agencies, and the attackers plan to release several thousand emails and documents that were stolen in the operation...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

Spear-Phishing Operation Targets Senior US Officials

August 16, 2011 Added by:Headlines

"Victims get a message from an address of a close associate or a collaborating organization/agency, which is spoofed. The message is crafted to look like a subscription form offering to enter Gmail credentials to activate it..."

Comments  (0)

A88973e7d0943d295c99820ab9aeed27

Mobile Device Security: The Matrix in 2011

August 15, 2011 Added by:Simon Heron

Remember that scene in the Matrix where our hero Neo is on the run and he just grabs a phone off some bystander and is immediately able to cancel the existing call and dial a new one? That seemed totally believable at the time. I just wondered what the equivalent might be these days?

Comments  (0)

5e402abc3fedaf8927900f014ccc031f

Ten Password Tips that Never Go Out of Style

August 10, 2011 Added by:Allan Pratt, MBA

I know what you’re thinking: not another post about passwords. The truth is, no matter how many times those of us in the infosec arena talk, cajole, and plead with users to create complex passwords, they don’t follow directions. Instead, they come crying to us after something bad happens...

Comments  (9)

8c4834b99847b9f7c9ee94b45df086f9

Talk of Password Demise Greatly Exaggerated

August 08, 2011 Added by:Emmett Jorgensen

Overall criminals and blackhat hackers have a variety of tools at their disposal to overcome passwords and encryption. But this doesn’t mean that passwords are obsolete. On the contrary, if used properly they are still incredibly effective at protecting our data...

Comments  (1)

37d5f81e2277051bc17116221040d51c

The Benefits of Multifactor Authentication

August 02, 2011 Added by:Robert Siciliano

Specifically the FFIEC states: “Since virtually every authentication technique can be compromised, financial institutions should not rely solely on any single control for authorizing high risk transactions, but rather institute a system of layered security, as described herein...."

Comments  (0)

49afa3a1bba5280af6c4bf2fb5ea7669

Authentication: Who Are You and Why Are You Here?

July 29, 2011 Added by:Mike Meikle

You may have robust network security, stringent password policies and a tightly locked down user environment, but if you don’t know what you own, both data and hardware, it is akin to having a bank vault door standing alone in a field...

Comments  (0)

Ec9b0ab31140696dd578b354b1054635

Password Hash: It's Okay to Inhale...

July 18, 2011 Added by:Vulcan Mindm3ld

The recent IRC Federal and HBGary SQL injection vulnerabilities allowed attackers access to a username/password table stored in the database. IRC Federal's “experts” simply stored unencrypted passwords while HBGary's “expert” third-party developers implemented unsalted, non-iterated MD5...

Comments  (4)

69dafe8b58066478aea48f3d0f384820

Prosecutors Demand Laptop Password

July 11, 2011 Added by:Headlines

"Ordering the defendant to enter an encryption password puts her in the situation the Fifth Amendment was designed to prevent: having to choose between incriminating herself, lying under oath, or risking contempt of court..."

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

How to Log In to Windows Without the Password

July 08, 2011 Added by:Dan Dieterle

This process works on a fully patched and updated Windows 7 system. When I checked it last year, it also worked on all of Windows server products. Windows protects these system files from being modified when Windows is booted, but booting in Linux to alter them just takes a couple minutes at most...

Comments  (14)

69dafe8b58066478aea48f3d0f384820

Connexion Hack Team Dumps Military and Gov Accounts

July 08, 2011 Added by:Headlines

A new ad-hoc group of hacktivists calling itself "Connexion Hack Team" has published a list of email addresses associated with the US government including account information from the military, the Department of Homeland Security, the National Security Agency, and several state agencies...

Comments  (1)

7c5c876d1933023ac375eead04302e1a

What the CISSP Won't Teach You - Part Trois

July 05, 2011 Added by:Boris Sverdlik

A dedicated attacker will not scour pastebin to get your password, although “inurl: password” used to be a common attack vector. More common amongst the dedicated attacker is getting as much background information as possible as an attacker builds the dossier on their target...

Comments  (0)

B451da363bb08b9a81ceadbadb5133ef

Avoiding The Next Big Data Breach

June 21, 2011 Added by:Alexander Rothacker

It’s incumbent on the individuals that are responsible for the security of the data to ride this wave of activity, raise awareness, and move their security projects forward. There is no reason these large breaches should be occurring, not when the solutions already exist...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Dropbox Confirms Password Security Glitch

June 21, 2011 Added by:Headlines

"This should never have happened. We are scrutinizing our controls and we will be implementing additional safeguards to prevent this from happening again. We are sorry for this and regardless of how many people were ultimately affected, any exposure at all is unacceptable to us..."

Comments  (1)

8c4834b99847b9f7c9ee94b45df086f9

Sony Breach Highlights Secure Password Storage

June 08, 2011 Added by:Emmett Jorgensen

Secure password storage is crucial to any secure system. From sites such as Sony to operating systems and data backups on encrypted hard drives, if the password is in plain text your account and data is not safe. After all, why try to guess a password if you can just copy and paste it?

Comments  (0)

Page « < 6 - 7 - 8 - 9 - 10 > »