Blog Posts Tagged with "Passwords"

B64e021126c832bb29ec9fa988155eaf

Microsoft Forcing Users to Use Less Secure Passwords

September 18, 2012 Added by:Dan Dieterle

Looks like Windows 8 is capped at a 16 character limit for compatibility with existing Microsoft Accounts. With the decrease of the character set, by limiting special characters for compatibility with Microsoft’s other services, the passwords are less secure than before...

Comments  (2)

D8853ae281be8cfdfa18ab73608e8c3f

Raising Zombies in Windows: Passwords

September 13, 2012 Added by:Rob Fuller

List the tokens available with Incognito, your new user will be there, steal it and you're done. You now have the ability to user that account/domain token on any of the hosts you've compromised on the network, not just the ones they happen to have left themselves logged in...

Comments  (0)

94ae16c30d35ee7345f3235dfb11113c

Google Wallet: Please Tell Me They’re Joking...

September 08, 2012 Added by:Joel Harding

No computer in the world is safe from a determined hacker. Most of us don’t properly secure our computer, our smart phone, or even our wallets. So how in the heck does storing your credit and debit card information “in the cloud” help you secure your already vulnerable information?

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Great UDID Hacker Cache: What's the Big Deal?

September 07, 2012 Added by:Rafal Los

Why am I calling this a psychological operation? From talking to people who would know - the UDID is just a tracking mechanism to link a device to a person. The fact that this has stirred such a sentiment against the federal government at a time when distrust of is already high is suspect...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Hackers Grabbed Twelve Million Apple IDs from FBI

September 05, 2012 Added by:Dan Dieterle

Is the information legit? If so, why would an FBI agent have a list of twelve million Apple ID’s which in some cases can be used to access information just as a password would? And how did the hacker group exploit this particular agent’s laptop and recover information from it?

Comments  (0)

Ebe141392ea3ebf96ba918c780ea1ebe

The OTHER Problem with Passwords

August 29, 2012 Added by:Wendy Nather

Organizations are motivated to prioritize ease of use over security if they feel their target audience won't be able to use advanced features without support. The result is that the password reset process to an address of record is the easiest way to get into an account. And of course attackers know this too...

Comments  (1)

D13f77e036666dbd8f93bf5895f47703

The Day I Was Erased Digitally

August 17, 2012 Added by:Theresa Payton

It’s everyone’s worst night nightmare - everything digital in your life gets wiped out. Your phone, your computer, your tablet, every email address, social network profile. It really does happen, and most of you probably didn’t know that even techies and security experts worry about this happening to them...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Is a Password Enough? A Closer Look at Authentication

August 16, 2012 Added by:Robert Siciliano

Yahoo and LinkedIn were recently breached and usernames and passwords were stolen. These sites did something wrong that allowed those passwords to get hacked. However passwords themselves are too hackable. If multi-factor authentication was used, then the hacks may be a moot point and the data useless...

Comments  (0)

7c5c876d1933023ac375eead04302e1a

Go Ahead and Write Down Your Passwords

August 07, 2012 Added by:Boris Sverdlik

Another day, another password hack, and yet another reason not to reuse passwords... Here is a simple bash script to generate strong passwords. Port it to Python or even something more platform independent. Also, don't forget to set Auto Dismount to 15 minutes, so you don't leave it up and running...

Comments  (14)

B64e021126c832bb29ec9fa988155eaf

Billions of Hashes per Second with Multiforcer Password Cracker

August 07, 2012 Added by:Dan Dieterle

So what does it take to reach cracking speeds topping 154 Billion hashes per second with multiple hashes? The tool was created to help out pentesters who need to crack passwords, but can not submit hashes obtained to online cracking programs due to auditing agreement restrictions...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Between You and Me, This is Not Private...

July 22, 2012 Added by:Fergal Glynn

If most websites can’t get password storage right, you can bet they can’t get storage of the content you are trusting them with right either. The private documents that you stored with your favorite cloud service are probably not encrypted in a way that only your account can decrypt, if they’re encrypted at all...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Yahoo and Billabong Password Dumps Analyzed

July 19, 2012 Added by:Dan Dieterle

Wow, not one, but two massive password dumps in one day. Hackers leaked a very large number of Billabong and Yahoo passwords in plain text with no need to try to crack them. We looked at the passwords using the analysis tool Pipa, and here is what we found...

Comments  (1)

94c7ac665bbf77879483b04272744424

Yahoo Voices Accounts Exposed and Available to the General Public

July 13, 2012 Added by:Marc Quibell

If Yahoo took "security very seriously" this probably may not have happened. This is obviously a fail in their IT Security practices, on many accounts, beginning with the SQL Injection attack used to compromise the server - yes, it only took one server to compromise for this to occur...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Yahoo!'s No Encryption Trumps LinkedIn's Unsalted Hash

July 12, 2012 Added by:Headlines

Just a month after LinkedIn experienced a significant security breach and caught flack for not "salting their hash", the revelation that the Yahoo! credentials were not even stored in an encrypted format should have everyone concerned about how seriously companies are taking the security of their users...

Comments  (0)

C64d6029dda7a794e966cb3f6f6b5534

Password Security: The Main Vein

July 02, 2012 Added by:Ahmed Saleh

Your passwords should be treated as "high sensitive information", and you are responsible for taking the appropriate steps to select and secure this information. Information system users should be aware of the characteristics of weak and strong passwords in order to ensure adequate protection of their information...

Comments  (1)

71d85bb5d111973cb65dfee3d2a7e6c9

How Fast Can Your Password Be Cracked? Instantly...

July 02, 2012 Added by:f8lerror

Instantly with a JavaScript keylogger. In this brief tutorial, we show you how we can use the Metasploit JavaScript Keylogger auxiliary module in a penetration testing phishing campaign or user awareness training. This is intended for informational and/or educational purposes only...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »