Password Management and Policy
- July 24, 2019
An investigation revealed the password spraying attack that gave malicious actors access to Citrix systems resulted in only some business documents being stolen.
- July 19, 2019
Updates to Enzoic for Active Directory include NIST-compliant Continuous Password Protection, checking passwords against a live database of common or vulnerable passwords.
- March 13, 2019
Citrix disclosed a potential data breach blamed on poor password security, but a lack of details about the attack leaves only unconfirmed claims from a single cybersecurity firm.
- March 01, 2019
Researchers found several popular password managers expose master passwords in system memory, but experts recommend consumers and enterprises should still use the products.
- February 15, 2019
More than two-thirds of employees share passwords with colleagues, research reveals. Experts sound off on what's fueling poor password practices and how to solve the problem.
- November 20, 2018
This week's Risk & Repeat podcast discusses whether users are responsible for creating and reusing weak passwords or if the technology systems themselves are to blame.
- September 25, 2018
Cisco hit by yet another new hardcoded credentials flaw, the latest in a long line of such flaws since last year, this time in its video surveillance manager appliance.
- March 21, 2018
A Firefox bug exposing the browser's master password to a simple brute force attack against inadequate SHA-1 hashing is still on the books after nearly nine years.
- December 29, 2017
News roundup: Login managers enable the exposure of user credentials in over 1,000 websites. Plus, Mozilla patched a critical vulnerability in Thunderbird, and more.
- December 12, 2017
A massive repository containing more than 1.4 billion stolen credentials was found on the dark web with special features for malicious actors.
- January 12, 2017
In this episode of SearchSecurity's Risk & Repeat podcast, editors highlight the topics discussed at the CES Cybersecurity Forum, as well as new technologies showcased at the event.
- August 03, 2016
Barclays is offering U.K. retail banking customers the option to do voice authentication instead of using passwords, with voiceprints that are as unique as fingerprints.
- December 08, 2015
A new report showed that while retail companies are confident in their security, many use bad access-management practices with temporary workers brought in for the holiday season.
- September 22, 2015
An internal report on Target's breach, obtained by security reporter Brian Krebs, shows the retailer suffered from major security flaws.
- August 07, 2015
Machine learning is better at detecting malware than systems that scan for known signatures. But researchers at Black Hat 2015 say adding a twist widens the performance gap even further.