Password Management and Policy
- December 08, 2015
A new report showed that while retail companies are confident in their security, many use bad access-management practices with temporary workers brought in for the holiday season.
- September 22, 2015
An internal report on Target's breach, obtained by security reporter Brian Krebs, shows the retailer suffered from major security flaws.
- August 07, 2015
Machine learning is better at detecting malware than systems that scan for known signatures. But researchers at Black Hat 2015 say adding a twist widens the performance gap even further.
- June 30, 2015
A report reveals that many stolen US government agency passwords traveled across the Web, including credentials from OPM, which was recently breached due to stolen passwords.
- June 05, 2015
News roundup: New settings and options to boost user privacy and security are emerging on major websites, but is it enough?
- May 01, 2015
News roundup: Many believe the government should help avert cybersecurity woes, yet two House-approved cybersecurity bills are frowned upon. Plus: DDoS increase linked to IoT; Google password alert; 70% put networks at risk with undocumented changes.
- March 10, 2015
The mobile payment app maker responds to criticism by stepping up security with better verifications and notifications for email and phone number changes.
- January 08, 2015
Video: Lieberman Software CEO Philip Lieberman explains how privileged identity management can shore up the many weaknesses of password-based authentication.
- October 03, 2014
News roundup: Palo Alto's next-generation firewall fared poorly in a recent NSS Labs report, leading to a testy back-and-forth about NGFW testing. Plus: Mitnick selling zero days; EMET bypassed, again; iThemes stored plaintext passwords.
- August 15, 2014
News roundup: Pro golfer Rory McIlroy inadvertently revealed his passcode on live TV, highlighting how easy it is to inadvertently reveal sensitive information. Plus: BlackBerry and Google issue updates, and Gartner hit with Magic Quadrant lawsuit.
- August 08, 2014
News roundup: When a breach occurs, it's common practice to share the information with victims -- both the users and the companies involved. However, Hold Security's billion-password hack disclosure hasn't followed standard procedure.
- March 21, 2014
Researchers have warned of numerous HealthCare.gov security issues. Michael Cobb reviews the website security lessons learned for enterprises.
- April 23, 2013
The 2013 Verizon data breach report details how authentication attacks affect organizations of all sizes, blaming single-factor passwords.
- August 01, 2012
Dropbox spokesman says investigation is ongoing after attackers gained access to an employee account leaking user email addresses.
- August 01, 2012
Investigators believe some of the Web-based storage service's accounts were compromised following a password breach at another website.