Blog Posts Tagged with "Authentication"
Avoiding Holes in Your AWS Buckets
April 12, 2018 Added by:Sanjay Kalra
Amazon Web Services (AWS) S3 buckets are the destination for much of the data moving to the cloud, and many have been mistakenly misconfigured and left open to public access.
Comments (0)
Convenience Comes at a Steep Price: Password Management Systems & SSO
July 12, 2017 Added by:Alexandre Cagnoni
Many consumers and businesses are flocking to the mirage of safety offered by password management firms, which are only as strong as their weakest link (often humans).
Comments (0)
SAP Afaria: How to Wipe Mobile Devices Clean with One Text Message
February 11, 2016 Added by:Alexander Polyakov
SAP Afaria can be used for remote control of mobile devices and, with ClientID generated on the basis of IMEI, attackers can compromise devices via text messages if they know the victim's phone number and IMEI.
Comments (0)
Organizations Must Wake Up To Hidden Security Vulnerabilities
December 03, 2015 Added by:Darren McCue
Time and again we see companies neglecting to protect themselves at the most basic, key levels – on both the physical and digital sides – leaving dangerous gaps in coverage to be exploited farther down the complexity chain.
Comments (0)
Businesses Should Take a Pass on Traditional Password Security
August 04, 2015 Added by:Geoff Sanders
Historical forms of authentication were never meant for the networked landscape we live in today. The first passwords were adequate authentication solutions only because the systems they secured were isolated. Unfortunately, the isolated systems that pervaded the early days of the computer revolution has set the foundation for authentication in the Internet Age.
Comments (0)
A Windows Authentication Flaw Allows Deleted/Disabled Accounts to Access Corporate Data
May 06, 2014 Added by:Tal Be'ery
Since Kerberos authentication and authorization is based solely on the ticket – and not on the user’s credentials, it means that disabling the user’s account has no effect on their ability to access data and services.
Comments (0)
The Road To Identity Relationship Management
November 04, 2013 Added by:Simon Moffatt
The modern enterprise workforce, will contain contractors, freelancer and even consumers themselves. Bloggers, reviewers, supporters, promoters, content sharers and affiliates, whilst not on the company payroll, help drive revenue through messaging and interaction. If a platform exists where their identity can be harnessed, a new more agile go to market approach can be developed.
Comments (0)
Mitigate Security Risk Before Your Business Collapses
July 11, 2013 Added by:Jan Valcke
Security is not an optional feature to be implemented after the horse has bolted. Lack of security may have severe consequences and can result in destructed corporate image, severe revenue losses and liability suits. Strong authentication alleviates a lot of security concerns and can help build customer trust, credibility and can even become a competitive advantage.
Comments (0)
CloudBeat 2012 - "Whose job is cloud security?"
December 11, 2012 Added by:Rafal Los
People are still stuck on authentication, mainly passwords. We as an industry or customer base haven't been very good at figuring out how to manage identities, without sticking our customers with a million different sites which don't share common identities...
Comments (0)
What Makes My Passwords Vulnerable?
November 25, 2012 Added by:Robert Siciliano
Simple passwords: When 32 million passwords were exposed in a breach last year, almost 1% of victims were using 123456. The next most popular password was 12345. Other common choices are 111111, princess, qwerty, and abc123. Avoid these types of passwords, which are easily guessed...
Comments (0)
E-mailing Passwords - Practice What You Preach
November 19, 2012 Added by:Bill Mathews
That’s right, I got an email with my username and password listed right there. That probably doesn’t anger normal people (let alone drive them to write an article about it), but I have never been accused of being normal so I’m pretty annoyed. Here, in no particular order, are my reasons for the anger and frustration...
Comments (6)
Four Turning Points in Cybersecurity History
November 18, 2012 Added by:Tripwire Inc
Enterprises adopted reputable standards for secure configurations, and implemented repeatable practices for creating secure infrastructure. This shift dramatically reduced the attack surface of enterprises, greatly increasing the difficulty of achieving a successful attack...
Comments (0)
On Password Hell
November 06, 2012 Added by:Joel Harding
I had one sysadmin a few years ago who demanded we all use 64 character passwords and every other character had to switch type. It was something like ^y?M3aI`B[a/ and so on... It took two minutes to type it in and I had to carry a paper with the password written on it. I was so glad when he left...
Comments (1)
Please Don’t Tell Me You’re Still Using SSNs as IDs!
November 05, 2012 Added by:Rebecca Herold
I’ve been occasionally revisiting the topic of laws and regulations prohibiting the use of SSNs, most recently in 2008 when I identified over 45 U.S. federal and state laws regulating and often prohibiting, the use of SSNs as identifiers. I provide pointers at the end of this post to some other reports...
Comments (0)
Does it Make Sense to Keep Changing Your Passwords?
October 31, 2012 Added by:Rafal Los
I'm running a small experiment on myself in which I've set up an account on a public, high-traffic web-based system out there that has a ton of my personal information. I've not changed my password in almost 6 months, but I still feel relatively good and certain that I am the only one who has access to my stuff...
Comments (0)
Is it really so simple to crack your password?
October 29, 2012 Added by:Pierluigi Paganini
The numerous attacks and data breaches occurred during the last 12 months demonstrate that despite attention to security, the principal causes of the incidents are leak of authentication processes, absence of input validation on principal applications, and of course the human factor...
Comments (0)
- Conflicted External Auditors at Heart of Equifax Data Breach
- Chrome 71 Patches 43 Vulnerabilities
- Trojan Horses for the Mind
- 5 Cybersecurity Predictions for 2019
- OceanLotus Targets Southeast Asia in New Watering Hole Campaign
- Securing the BYoD Workplace
- Cyber Security Lessons from Abroad – Australia’s Essential Eight
- Will We Get a GDPR for the IoT?
- 'DarkGate' Campaign Targets Europeans with Multiple Payloads
- Facebook Patches Bug that Exposed Private Information