Items Tagged with "Passwords"


69dafe8b58066478aea48f3d0f384820

F-Secure's April Fools Hack Article is No Joke

April 01, 2011 Added by:Headlines

F-Secure posted a nice April Fool's day article that was so subtle it slipped into several security news feeds unnoticed. While the article itself may be just a fun prank, readers would be wise not to let the sardonic wit overshadow the important message about password security...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Check Your Password Security

March 29, 2011 Added by:Robert Siciliano

Passwords are the bane of the security community. We are forced to rely on them, while knowing they’re only as secure as our operating systems, which can be compromised by spyware and malware. There are a number of common techniques used to crack passwords...

Comments  (0)

850c7a8a30fa40cf01a9db756b49155a

Advanced Password Security 101

March 27, 2011 Added by:J. Oquendo

For those searching for password storage systems, there is no shortage of helpful and even free programs. There is also no shortage of documents explaining why or how to create strong passwords. However, what I noticed in most documents and even programs is their lack of creativity...

Comments  (4)

E4b33dbe234685965beb3e9f2a0ad456

Increase in SSH Brute Force Username Guessing

March 23, 2011 Added by:Ted LeRoy

The crackers are using automated tools that scan for valid ssh logins using a username list. The sites and names that come up can be processed again, checking for weak passwords or brute force vulnerabilities. The tools and method are not new, but the number of attacks seems much higher lately...

Comments  (15)

D8853ae281be8cfdfa18ab73608e8c3f

Metasploit VNC Password Extraction

March 22, 2011 Added by:Rob Fuller

I ran into the 'getvncpw' meterpreter script issue on pentests in the past but didn't know much about the whacked out version of DES that RFB (the VNC protocol) was using. Not being a fan of manually editing a binary and compiling each time, I had a password to crack I wanted to find another way...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

Five Security Secrets Network Administrators Keep Quiet

March 22, 2011 Added by:Headlines

Network administrators may be conducting their own personal risk assessments in the course of their daily duties. They may be weighing factors such as performance pay incentives, the thoroughness of security audits, and time constraints when deciding what is or is not a priority...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

How to Avoid Falling For Social Engineering Attacks

March 11, 2011 Added by:Brent Huston

You have to be sharp to see through a social engineering attack. The challenge is to retain that sharpness while in the midst of multiple tasks. Most of the time, the attacker will take advantage of a busy receptionist, a chaotic office, or tired staff when they try their dastardly deed...

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

Faking It - When is Two Factor Authentication Not?

February 28, 2011 Added by:Rafal Los

Take a look at the authentication scheme from a 360-degree view and see if the strong authentication 2-factor provides extends to all platforms (mobile device? HTML-only?) If not, then your account is protected by the lowest common denominator, for most sites that's a simple username and password...

Comments  (15)

E313765e3bec84b2852c1c758f7244b6

All Your Data Are Belong To Us!

February 23, 2011 Added by:Brent Huston

Passwords are the bane of every system administrator’s existence. Policies are created to secure organizations, but when enforced they cause people to have trouble coming up with the multitude of passwords necessary. As a result, people use the same passwords in multiple places...

Comments  (1)

485f5553442ebdfbfa4926166697c319

Authentication: Balancing Security, Usability and Cost

February 22, 2011 Added by:Roman Yudkin

The burden of so many complex passwords is too high, especially if the user believes the odds of their credentials being stolen are small. Advice on choosing strong passwords and never re-using them is rejected as a poor cost/benefit tradeoff. No wonder users have bad password practices...

Comments  (0)

D8853ae281be8cfdfa18ab73608e8c3f

Brute Forcing Passwords and Word List Resources

February 20, 2011 Added by:Rob Fuller

Brute force, even though it's gotten so fast, is still a long way away from cracking long complex passwords. That's were word lists come in handy. It's usually the crackers first go-to solution, slam a word list against the hash, if that doesn't work, try rainbow tables..

Comments  (1)

B64e021126c832bb29ec9fa988155eaf

iPhone Hacked and Passwords Stolen in Six Minutes

February 12, 2011 Added by:Dan Dieterle

iPhone passwords may not be as secure as one might believe. According to German security researchers from the Fraunhofer Institute Secure Information Technology (Fraunhofer SIT), if you have physical access to the phone, passwords can be recovered from a locked Apple iPhone in six minutes...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

Google Offers Two-Factor Authentication Option

February 10, 2011 Added by:Headlines

"Starting Thursday all Google users can choose to turn on a so-called 'two-factor authentication' feature, which will require them to type in a special, short-lived second password in addition to their normal password to get into their account..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Stealing Your Neighbor's WIFI Signal is Still Illegal

February 08, 2011 Added by:Headlines

Consumers know that leaving their Wi-Fi network open is not good, but the reality is that many have not taken the steps to protect themselves. Consumers can activate Wi-Fi security protections in a few simple steps, but much like the seatbelts in your car, it won't protect you unless you use it...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Important Takeaways from ShmooCon 2011

February 07, 2011 Added by:Rafal Los

Conferences are more than just going to interesting talks, meeting people, and attending after-parties. Sometimes, if the conferences is really a gem - like ShmooCon - you actually learn something. After attending this year's conference, I think it relevant to share my thoughts...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

Facebook Security: Setting Up Account Login Alerts

February 03, 2011 Added by:Headlines

Facebook has made steady progress in their efforts to offer better security, but it remains the responsibility of account holders to make sure they are utilizing all of the security features. One allows members to monitor their profile for any unauthorized access to their Facebook account...

Comments  (0)

Page « < 8 - 9 - 10 - 11 - 12 > »