Items Tagged with "Passwords"
October 28, 2010 Added by:bitraptor bitraptor
Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman’s original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds. Yes, you read that right, in SECONDS...
October 27, 2010 Added by:Niko DePofi
I know your computer is almost a foreign language, so I put together a decent, basic primer of how to keep your information safe when using a PC. This isn't all that can be done. There may never be a truly comprehensive list of what to do to stay safe, but this is a decent primer...
October 24, 2010 Added by:Guy Huntington
There are many different identity types interacting with a modern enterprise and identity type gradients. The risk associated with these identity gradients may vary according to the purchase amount, or type of information flowing between the enterprise and the identity type gradient..
October 24, 2010 Added by:bitraptor bitraptor
SAM is far from being perfect, but the real problem lies in the way they store the passwords - it's an old method created by Microsoft prior to the Windows NT family, and they still run the old style LM hash keys so that two concurrent hashes of the passwords are stored...
October 21, 2010 Added by:Dan Dieterle
A Swiss security company called Objectif Sécurité has created a cracking technology that uses rainbow tables on SSD drives. Apparently it is the hard drive access time and not the processor speed that slows down cracking. Using SSD drives can make cracking faster, but just how fast?
October 07, 2010 Added by:Brent Huston
Each month, we focus on a specific, measurable task you can use to firm up your own security strategy. The tasks focus on authentication credentials to identify and remove all network, system and application access that does not require secure authentication credentials or mechanisms...
October 05, 2010 Added by:Guy Huntington
Obtaining passwords is so easy using social engineering that it negates the use of a password with special characters and X length. When I go onto client sites one of the first things I do is look under keyboards, behind the screens etc, where I usually find the password written down...
October 02, 2010 Added by:PCI Guru
Are the days of eight character long passwords over? I have seen examples where current threats plus older threats could be used to compromise security. It was just all in how they were put together. It is very important that security professionals need to understand their opponent...
September 24, 2010 Added by:Robert Siciliano
Adding one capital letter and one asterisk would change the processing time for an 8 character password from 2.4 days to 2.1 centuries.It is just as important that your PC is free of malicious programs such as spyware and key-loggers. Beware of RATS a.k.a Remote Access Trojans...
August 30, 2010 Added by:Brent Huston
It’s not just a matter of people using short, simple, stupid passwords any more. With advances in easily available and cheap computing power such as advanced graphics processors and solid state drives, even long and complex passwords can be cracked in seconds...
August 25, 2010 Added by:Simon Heron
Using a password by itself leaves the user wide open to abuse from keyloggers and phishing attacks. Add a token into the mix and it greatly reduces the risk of exploitation, as the hacker would have to be close enough to take the token from your possession...
July 22, 2010 Added by:Application Security, Inc.
Application Security, Inc.’s Team SHATTER has researched the Top 10 Database Vulnerabilities in order to you with the most up-to-date vulnerabilities, risk and remediation information. Today’s topic is Default, Blank & Weak Username/Passwords...
April 30, 2010 Added by:Robert Siciliano
Code named Gaia after “Greek Goddess of Earth” a Google single sign on password system was hacked in December. Google is a significant part of many individuals and businesses online activities. Millions rely on Google every day to be fast, functional and most important, secure. A breach such as this may erode the confidence of Google users, but for many, they have all their egg...
April 06, 2010 Added by:Katie Weaver-Johnson
This week I received an e-mail from a friend of mine saying he was in the UK to visit his ill sister and needed to borrow money…perhaps many of you have received an e-mail like this too? In reality, my friend’s e-mail account had been hacked and the e-mail was a hoax.
From the Web
January 19, 2010 from: hackyourself.net
I don't know if this is real, but it seems perfectly reasonable that all of Facebook is stored in a huge database that someone with the proper permissions can access and modify. And it also makes sense that developers and others would need the ability to assume anyone's identity.
From the Web
December 15, 2009 from: AEON Security Blog
Security researchers are leveraging cloud computing to crack WPA wireless passwords at a cost and we’re wondering what other nefarious deeds are being done via cloud computing that we’ve never heard about. To be fair about this, for starters if you take notice of PC World’s title for the article, “New Cloud-based Service Steals Wi-Fi Passwords” it’s completely w...