Items Tagged with "Passwords"


Metadata: A Pentester’s Best Friend

February 17, 2012 Added by:Jake Garlie

Most modern productivity software will automatically insert this information into documents for benefits such as collaboration. However, if not removed before being published to a website, metadata can put an organization at risk...

Comments  (0)


Encryption: A Buzzword, Not a Silver Bullet

February 16, 2012 Added by:Danny Lieberman

Encryption, buzzword, not a silver bullet for protecting data on your servers. In order to determine how encryption fits into server data protection, consider four encryption components on the server side: passwords, tables, partitions and inter-tier socket communications...

Comments  (0)


One in Three Massachusetts Residents’ Records Breached

February 15, 2012 Added by:Robert Siciliano

Massachusetts has one of the most stringent data protection laws on the books. Companies are now reporting when even a single individual’s information has been compromised. Despite strict security requirements, companies are continually being hacked in record numbers....

Comments  (0)


Twitter Finally Enables HTTPS as a Default Setting

February 14, 2012 Added by:Headlines

Among other security benefits, the HTTPS feature will prevent users from having their login credentials stolen by attackers who may attempt to harvest passwords when users access their accounts over unencrypted Wi-Fi networks...

Comments  (0)


FBI Bitten by Operational Security

February 13, 2012 Added by:Fergal Glynn

Employees forward confidential calendar events and messages to personal calendars and personal email accounts. This may make their jobs easier but it can put their companies at risk. A recent security incident involving the FBI can teach us something about corporate security...

Comments  (0)


KPN Hack: Why was Customer Notification Delayed?

February 13, 2012 Added by:Pierluigi Paganini

The login credentials were stored in plain text in the repository that had been exposed, and that is absurd. This is a failure of the basic security procedures that should be recognized internationally, and is an offense for which there should be heavy penalties...

Comments  (0)


Hacker Boasts of Intel Corporation Network Breach

February 13, 2012 Added by:Headlines

A hacker who goes by the handles "WeedGrower" and "X-pOSed" claims to have breached tech giant Intel and to have gained access to an subscriber database that contains sensitive information including passwords, social security and credit card numbers...

Comments  (0)


ICS-CERT: Brute Force and SSH Scanning Attacks

February 06, 2012 Added by:Headlines

ICS-CERT is aware that systems that provide SSH command line access are common targets for “brute force” attacks. As recently as this week, ICS-CERT received a report from an electric utility experiencing unsuccessful brute force activity against their networks...

Comments  (0)


On Forgotten Passwords and Security

February 03, 2012

What do you do when a user forgets their password? There are a number of different approaches that can be taken. The challenge when allowing a user to self-service is that you could potentially open up a number of avenues for attack...

Comments  (0)


Disappointing Ruling in Compelled Laptop Decryption Case

February 01, 2012 Added by:Electronic Frontier Foundation

A federal district court has handed down an unfortunate early ruling in a case. Prosecutors asked the court to force the defendant to either type an encryption passphrase into the laptop to decrypt the information or turn over a decrypted version of the data...

Comments  (0)


Designing Applications for Compromise

January 24, 2012 Added by:Rafal Los

Make sure you're thinking ahead and designing applications to be resilient in the face of a complete compromise - including the information therein and connected accounts - so your users can still get back to the application even after it's been ravaged by hackers...

Comments  (0)


Do Not Encrypt Passwords - Why, You Ask?

January 12, 2012

Encrypting passwords is bad. Try hashing them with a little bit of salt on top. Confused about the terminology - maybe i can clear your confusion with the use of a shoe, a box and a pen & paper...

Comments  (2)


Fallout from the Christmas Hack of Stratfor

January 03, 2012 Added by:Richard Stiennon

The most painful lesson the Stratfor hack is about to demonstrate is the importance of email security. Anonymous will be recruiting volunteers to analyze the 3.3 million emails they stole that have the potential for real harm equal to the infamous WikiLeaks State Department leak...

Comments  (0)


Crazy Fast Password Recovery with Hashcat

January 02, 2012 Added by:Dan Dieterle

Hashcat is a multi-threaded cracker, so if your CPU can run several threads, it will use them. But the real speed comes into play when using the horsepower of a GPU. If your GPU can run hundreds of threads, all of this power is used to break passwords...

Comments  (1)


Analyzing Passwords for Patterns and Complexity

December 20, 2011 Added by:Dan Dieterle

This is a great tool to see patterns in password security. After years of users being warned about password security, it is disheartening to see the majority of users are still using simple passwords. More alarming is the number of password dumps available from compromised websites...

Comments  (0)


Passwords: Give Them the Respect They Deserve

December 16, 2011

Passwords are everywhere on the internet. You need them to log onto your banking, emails and a ton of other websites. They are extremely important, yet do we give them the respect they deserve?

Comments  (0)

Page « < 4 - 5 - 6 - 7 - 8 > »