Password Management and Policy
- September 25, 2018
Cisco hit by yet another new hardcoded credentials flaw, the latest in a long line of such flaws since last year, this time in its video surveillance manager appliance.
- March 21, 2018
A Firefox bug exposing the browser's master password to a simple brute force attack against inadequate SHA-1 hashing is still on the books after nearly nine years.
- December 29, 2017
News roundup: Login managers enable the exposure of user credentials in over 1,000 websites. Plus, Mozilla patched a critical vulnerability in Thunderbird, and more.
- December 12, 2017
A massive repository containing more than 1.4 billion stolen credentials was found on the dark web with special features for malicious actors.
- January 12, 2017
In this episode of SearchSecurity's Risk & Repeat podcast, editors highlight the topics discussed at the CES Cybersecurity Forum, as well as new technologies showcased at the event.
- August 03, 2016
Barclays is offering U.K. retail banking customers the option to do voice authentication instead of using passwords, with voiceprints that are as unique as fingerprints.
- December 08, 2015
A new report showed that while retail companies are confident in their security, many use bad access-management practices with temporary workers brought in for the holiday season.
- September 22, 2015
An internal report on Target's breach, obtained by security reporter Brian Krebs, shows the retailer suffered from major security flaws.
- August 07, 2015
Machine learning is better at detecting malware than systems that scan for known signatures. But researchers at Black Hat 2015 say adding a twist widens the performance gap even further.
- June 30, 2015
A report reveals that many stolen US government agency passwords traveled across the Web, including credentials from OPM, which was recently breached due to stolen passwords.
- June 05, 2015
News roundup: New settings and options to boost user privacy and security are emerging on major websites, but is it enough?
- May 01, 2015
News roundup: Many believe the government should help avert cybersecurity woes, yet two House-approved cybersecurity bills are frowned upon. Plus: DDoS increase linked to IoT; Google password alert; 70% put networks at risk with undocumented changes.
- March 10, 2015
The mobile payment app maker responds to criticism by stepping up security with better verifications and notifications for email and phone number changes.
- January 08, 2015
Video: Lieberman Software CEO Philip Lieberman explains how privileged identity management can shore up the many weaknesses of password-based authentication.
- October 03, 2014
News roundup: Palo Alto's next-generation firewall fared poorly in a recent NSS Labs report, leading to a testy back-and-forth about NGFW testing. Plus: Mitnick selling zero days; EMET bypassed, again; iThemes stored plaintext passwords.