Items Tagged with "Authentication"


69dafe8b58066478aea48f3d0f384820

KeePass Vulnerability Exposes Password Lists

June 28, 2012 Added by:Headlines

“The bug will be injected on the remote way, affects the local validation (html/xml) and change the technic back when remotely transferring the password lists. The injection of the malicious URL/domain context can be done via auto save of URLs (victim) or manually (reproduce)," the researchers stated...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

RSA: Claims of SecurID 800 Token Crack are Whack

June 27, 2012 Added by:Headlines

"RSA has received many inquiries, press pickups, blog entries, and tweets regarding an alleged crack by researchers of the RSA SecurID 800 authenticator... an alarming claim and should rightly concern customers who have deployed the RSA SecurID 800 authenticator. The only problem is that it’s not true..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

State Sponsored IE Vulnerability and a Four Line MySQL Exploit

June 21, 2012 Added by:Headlines

Of the two latest Microsoft IE vulnerabilities, the first seems the most interesting. Rumored to be “State-Sponsored”, the vulnerability focuses on Gmail, MS Office and Internet Explorer. And as yet is still an active Zero Day exploit. Security software company Rapid 7 explains the vulnerability as follows...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Elementary Information Security

June 21, 2012 Added by:Ben Rothke

For anyone looking for a comprehensive information security reference guide - Elementary Information Security is it. While the title may say elementary, for the reader who spends the time and effort to complete the book, they will come out with a complete overview of every significant information security topic...

Comments  (0)

94c7ac665bbf77879483b04272744424

Better Passwords Don't Make Us Secure: Best Practices Advice

June 14, 2012 Added by:Marc Quibell

On today's Internet, it's not about better passwords, because passwords are another weak, vulnerable form of authentication. You can make it longer, more complex... whatever, but it doesn't change the fact that it's still weak and vulnerable. Practice safe computing and at least you will lower your risk...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

LulzSec Reborn vs Twitter and OAuth Security Issues

June 13, 2012 Added by:Pierluigi Paganini

The third-party authentication process implements the open standard for authorization, or OAuth, that allows users to share private resources stored on one site with another. The hack raises a serious question regarding the security level ensured by third-party authentication processes...

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Password Protection Pointers

June 12, 2012 Added by:Jayson Wylie

The best password is the one that only you know. Even better one is one that nobody else can find out. Crackers are getting away from massive rainbow tables and moving on to graphics processors for quick password compromise. It is possible to categorize your passwords to define the sensitivity of their purpose....

Comments  (0)

48f758be63686a73484a7380e94f73d0

If I Told You, I'd Have to Kill You

June 11, 2012 Added by:Ed Bellis

All of these breaches present a great opportunity to learn what does and doesn’t work in information security. But when we get responses like the one posted by Last.FM not only do we not learn anything, we don’t have any reason to believe they have either...

Comments  (0)

145dfdfe39f987b240313956a81652d1

It’s Time to Convert from Passwords to Passphrases

June 08, 2012 Added by:Stacey Holleran

The traditional password must die. The whole concept is fatally flawed. The sheer volume of attacks should be a wake-up call to anyone utilizing a password (pretty much everyone). Now is the time to practice vigilance and to secure systems, accounts and security applications such as firewalls with Passphrases...

Comments  (0)

B9d9352326e5421a02e698a51d10ad2c

On the Recent Blizzard and Diablo 3 Account Compromises

May 29, 2012 Added by:Beau Woods

Gamers have gotten more savvy about giving away information which would allow someone else to access their account. But the attackers have adapted as well and use other ways of getting that information than by sending fake emails. Here are some of the more creative and sophisticated ways the thieves operate...

Comments  (2)

03b2ceb73723f8b53cd533e4fba898ee

LinkedIn: Vulnerability in the Authentication Process

May 22, 2012 Added by:Pierluigi Paganini

This attack is possible due to an error in validating of the security token (CSRF token) that allows an unlimited number of requests using the same token for different users. The only mechanism against the attack is a CAPTCHA challenge-response test after dozens of attempts...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Follow Up to the Out of Band Authentication Post

May 16, 2012 Added by:Brent Huston

Sadly, there are more than a few who are struggling to get OOBA right or done at all. As with most things, it helps to do a little research. Organizations should perform due diligence on their vendors and factor vendor risks into the equation of purchases and project planning...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Treat Passwords Like Cash

May 14, 2012 Added by:Danny Lieberman

Every Web site and business application has a different algorithm and password policy. For users, who need to maintain strong passwords using 25 different policies on 25 different systems sites, it’s impossible to maintain a strong password policy without making some compromises...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Growing Mistrust of India’s Biometric ID Scheme

May 14, 2012 Added by:Electronic Frontier Foundation

In India, a massive effort is underway to collect biometric identity information for each of the country’s 1.2 billion people. The incredible plan has stirred controversy in India and beyond, raising serious concerns about the security of individuals’ personal data...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Twitter Hack! Five Ways to Avoid Being a Victim of Phishing

May 12, 2012 Added by:Brent Huston

Twitter is downplaying a security breach that exposed tens of thousands of user emails and passwords. The compromised Twitter accounts could have been the result of phishing attacks. Whenever you read about such breaches, it is always a good idea to change your password...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Financial Organizations Struggle with Out of Band Authentication

May 09, 2012 Added by:Brent Huston

Financial organizations have been working on implementing out of band authentication (OOBA) mechanisms for specific kinds of money transfers such as ACH and wires. While this authentication method does add some security to the process, it does not come without its challenges...

Comments  (1)

Page « < 1 - 2 - 3 - 4 - 5 > »