Search:

Items Tagged with "Authentication"


E313765e3bec84b2852c1c758f7244b6

All Your Data Are Belong To Us!

February 24, 2011 Added by:Brent Huston

Passwords are the bane of every system administrator’s existence. Policies are created to secure organizations, but when enforced they cause people to have trouble coming up with the multitude of passwords necessary. As a result, people use the same passwords in multiple places...

Comments  (1)

7d55c20d433dd60022642d3ab77b8efb

ERP System Attacks and the BlackHat DC Conference

February 15, 2011 Added by:Alexander Polyakov

During the BlackHat DC conference, DSecRG experts talked about attacks on corporate business-applications which can be used by cybercriminals for espionage, sabotage and fraudulent actions. Despite the fact, companies like SAP and Oracle regularly release security updates that are subject to attacks...

Comments  (0)

29fb4966bdfcfff5545ae464c771071b

One Time Passwords are Not Secure Enough

February 14, 2011 Added by:Gurudatt Shenoy

OTP-based two factor authentication is far more secure than single factor authentication and is also cheaper. But is it really secure enough to thwart the efforts of dedicated hackers who have broken into highly secured government and defense enterprises deploying even far more secured solutions?

Comments  (3)

69dafe8b58066478aea48f3d0f384820

Google Offers Two-Factor Authentication Option

February 10, 2011 Added by:Headlines

"Starting Thursday all Google users can choose to turn on a so-called 'two-factor authentication' feature, which will require them to type in a special, short-lived second password in addition to their normal password to get into their account..."

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Important Takeaways from ShmooCon 2011

February 07, 2011 Added by:Rafal Los

Conferences are more than just going to interesting talks, meeting people, and attending after-parties. Sometimes, if the conferences is really a gem - like ShmooCon - you actually learn something. After attending this year's conference, I think it relevant to share my thoughts...

Comments  (2)

44fa7dab2a22dc03b6a1de4a35b7834a

Google Adds Authentication to Google Apps

February 04, 2011 Added by:Bill Gerneglia

By implementing DomainKeys Identified Mail (DKIM) at no additional cost to Google Apps users, the company says it is giving email senders a way to validate who they are in a manner that spam filters recognize, therefore ensuring higher message delivery rates to recipients...

Comments  (0)

B451da363bb08b9a81ceadbadb5133ef

Another Resolution For 2011: Secure Your Sensitive Data

February 02, 2011 Added by:Alexander Rothacker

Tack on one more resolution for 2011 – secure your sensitive information. Hackers are constantly looking for ways to access critical corporate data and have moved away from the idea of “breaking in because they can” and are looking to harvest sensitive information to sell on the black-market...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Smart Card Authentication Cracked by Hackers

January 29, 2011 Added by:Headlines

When the smart card is inserted into a compromised PC, the hackers use the opportunity to attempt to access the server. When the system requests a digital token, the attackers redirect the request to the compromised PC, which provides the token and password stolen with the keylogger...

Comments  (0)

Fdaa09fc5ed18d3226b3a1a00f1bc48c

Is 2011 the Year of NoSQL Data Breaches?

January 28, 2011 Added by:Daniel Doubrovkine

The buzz about the MongoDB outage at FourSquare got nearly as much attention from the world as the security breaches of traditional RDBMS at Gawker and Silverpop. I believe it’s all going to change soon: TeamSHATTER has seen strong growth in research and hacker activity targeting NoSQL databases...

Comments  (2)

99edc1997453f90eb5ac1430fd9a7c61

The Post-Holiday Blues

January 23, 2011 Added by:Javvad Malik

You walk back to the office knowing full well, like hundreds of others in their office, they’ve forgotten their password. You then have to jump through 20 different hoops to identify yourself. Your name, ID number, user ID, your managers name, your national insurance number… blah blah blah... Finally, you’re told that your password has been reset to Password123. Success? Nearly, becaus...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Will IPv6 Cause Chaos for the Browsing Public?

January 19, 2011 Added by:Rafal Los

Whether you're installing a drive-by trojan malware via 0day, collecting revenue from pay-per-click schemes, or XSS'ing your way into their bank account - the goal of this game is to make money on that person. Let's face it, business is good...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Trojan Utilizes TeamViewer Remote PC Control Software

January 17, 2011 Added by:Headlines

A popular remote PC control software has apparently been usurped for use in a banking Trojan that was recently used in an unauthorized transaction that affected a large un-named Russian company. The hacker can then execute command and control functions and erasing traces of the bot's presence...

Comments  (0)

F833294b729456685864bd3393473c5a

SyferLock Unveils Superior Two Factor Authentication

January 14, 2011 Added by:Paul Sitar

With the addition of the superior “soft token” solution, SyferLock truly covers the entire authentication spectrum, as well as a myriad of diverse and evolving use cases and business requirements challenging the security and account access of organizations and their users...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Password Database Dumped to Pirate Bay Bit-Torrent Site

January 08, 2011 Added by:Dan Dieterle

The embroiled Pirate Bay, when not dealing with legal issues, has had their own run in with hackers. Last summer, a hacker broke into their systems through a SQL vulnerability and stole 4 million users passwords...

Comments  (0)

29fb4966bdfcfff5545ae464c771071b

On "Passwordless" Authentication: A New Paradigm

January 04, 2011 Added by:Gurudatt Shenoy

Instead of storing the password on the server, one can encrypt and store the user identity or username using a real time generated password, either by via a hashing algorithm or a device-locked password generator. The password itself need not be stored on the server, as can be seen from the following diagrams...

Comments  (10)

69dafe8b58066478aea48f3d0f384820

Banks Lax on Authentication and Transaction Security

January 03, 2011 Added by:Headlines

Complicating matters for banking customers who find themselves victims of breached accounts is that banks are only required to maintain "sufficient" standards of security, a moving target based on the average level of security employed by the industry as a whole, as far as legal liability is concerned...

Comments  (0)

Page « < 7 - 8 - 9 - 10 - 11 > »
Popular Topics
Anonymous  Application Security  Attacks  Authentication  Cloud Computing  Cloud Security  Compliance  Cyber Crime  Cyber Security  Cyberwar  Data Loss  Data Loss Prevention  Encryption  Enterprise Security  Government  Hacktivist  Headlines  Industrial Control Systems  Information Security  Infosec  Infrastructure  Legal  Managed Services  Military  National Security  Network Security  PCI DSS  Passwords  Privacy  Risk Management  SCADA  Security  Security Awareness  Training  Vulnerabilities  breach  breaches  hackers  internet  malware 

Your Own Private Island

December 24, 2011
Coming Soon! Build your own Island right here!

Make your home Infosec Island with your own private vanity URL, design options and private network of followers.

Infosec Island v2

December 24, 2011
The latest version of Infosec Island is now available. There are more content options and more ways to connect and interact with your peers.

Thanks to everyone for a great year, and we're looking forward to an excellent 2012!
Latest Survey Results
2011 will be most likely be remembered for:
results