Home Tags Credentials

Tag: credentials

“Yahoobleed” flaw leaked private e-mail attachments and credentials

Yahoo promptly retired ImageMagic library after failing to install 2-year-old patch.

IT threat evolution Q1 2017

Wersquo;ve become accustomed to seeing a steady stream of security breaches month after month; and this quarter has been no exception, including attacks on Barts Health Trust, Sports Direct, Intercontinental Hotels Group and ABTA.

Chrome Browser Hack Opens Door to Credential Theft

Researchers at DefenseCode claim a vulnerability in Googlersquo;s Chrome browser allows hackers to steal credentials and launch SMB relay attacks.

Gizmodo went phishing with the Trump team—will they catch a charge?

"Security test" sent to 15 officials, advisors, others skirts the edges of CFAA.

Oh, great: There’s a new Same Origin Policy exploit for Edge

Browser helps attackers by autocompleting passwords Edge nemesis, security tester Manuel Caballero from Buenos Aires, has popped the browser again, getting around its Same Origin Policy to steal stored credentials.…

Mac users installing popular DVD ripper get nasty backdoor instead

Trusted site distributes malware that steals keychains, admin passwords and more.

Intercede announces Secure Login for WordPress

RapID Secure Login enables WordPress users to easily access their accounts without insecure and cumbersome passwords Lutterworth, England/Reston, VA, 8th May 2017 – Today, digital identity and credentials expert, Intercede announced the launch of RapID Secure Login (RapID-SL), a Plugin for WordPress that enables administrators and subscribers to log into websites and blogs with fingerprints instead of usernames and passwords.

By eliminating the use of insecure passwords, users are provided with superior usability and more... Source: RealWire

Google phishing attack was foretold by researchers—and it may have used...

A potential threat from spoofing Google applications was cited in 2011.

Feds propose heightened social media vetting of visa applicants

Plan applies to applicants "who have been determined to warrant additional scrutiny."

NIST to security admins: You’ve made passwords too hard

Despite the fact that cybercriminals stole more than 3 billion user credentials in 2016, users don't seem to be getting savvier about their password usage.

The good news is that how we think about password security is changing as other authentication methods become more popular.Password security remains a Hydra-esque challenge for enterprises. Require users to change their passwords frequently, and they wind up selecting easy-to-remember passwords.

Force users to use numbers and special characters to select a strong password and they come back with  passwords like Pa$$w0rd.To read this article in full or to leave a comment, please click here

Dozens of popular iPhone apps are still exposing your login details

The majority of the vulnerable apps were not fixed, and still expose user credentials.

VU#556600: Space Coast Credit Union SCCU Mobile for Android and iPhone...

Space Coast Credit Union SCCU Mobile for Android,version 2.1.0.1104 and earlier,and for iOS,version 2.2 and earlier,fails to properly validate SSL certificates provided by HTTPS connections,which may enable an attacker to conduct man-in-the-middle(MITM)attacks.