Access Control

Access Control news, information, and how-to advice

us surveillance spy ts
tunnel threat

greedy

Lieberman: Mandiant and Verizon wrong on unstoppable threats

Mandiant, Verizon and other cyber-forensics firms are profiting from so-called unstoppable threats like zero-day exploits and advanced persistent attacks, according to a new report from Lieberman Software.

kill password

FUD: Vendor claims their map-based password tool is unbreakable

Nova Spatial, the developer of a map-based authentication method called MapLogin, says their tool is unbreakable after a round of vulnerability testing with HackerOne. A bold claim, one that just isn't true based on the evidence.

single sign on tools review 1

Best tools for single sign-on

It has been a few years since we last looked at single sign-on products, the field has gotten more crowded and more capable.

security fingerprints

Expert: Time to stop relying on PII for authentication

These days, the criminals often know more of our personal details than we know ourselves -- it's time to stop asking users for their personal details and to switch to more secure methods for authentication

flashlight darkness

Windows 10 will allow apps to actively scan their content for malware

Developers will be able to have their apps talk to the locally installed antivirus programs through a new API

03 point of sale

Cybercriminals increasingly target point of sales systems

Trustwave highlights the difference in data-breach activity between North America and the rest of the world

haunted hallway ghost

Do departed employees haunt your networks?

Many companies have ghosts in their systems. Employees who've gone on to a better place -- say, with better pay -- but are still wandering through company files, cloud services, and social media accounts

st louis federal reserve bank

eNom discloses DNS attack to customers

On Thursday, Taryn Naidu, the CEO of domain registrar eNom, sent a letter to customers disclosing a "very sophisticated attack" that targeted the DNS settings on four domains. The email was sent in order to provide transparency, but...

dugoni dental clinic horizontal

Hard-coded credentials placing dental offices at risk

One researcher says that customers using Henry Schein's Dentrix software have been unknowingly exposed to risk after the latest version shipped with a flaw that was supposed to have been patched two years ago. This was reported to...

airplane interior

Security researcher's hack caused airplane to climb, FBI asserts

The FBI contends a cybersecurity researcher said he caused an airplane's engine to climb after hacking its software, according to a court document. The FBI interviewed him after he flew into Syracuse, New York, and seized his...

cyberlock

Electronic lock maker clashes with security firm over software flaws

CyberLock said it wasn't given enough time before IOActive published a security advisory

fire hydrant

Startup HydrantID launches subscription model for buying SSL certificates

The idea is to drive down the cost of certificates and streamline management

sendgrid screenshot

SendGrid customers told to reset passwords and DKIM keys after breach

SendGrid, a Boulder, Colorado-based transactional and marketing email delivery service, has urged customers to reset passwords after an internal investigation discovered that an employee's credentials were compromised.

rsa moscone south

166816 (Z66816): A post-RSA Conference recap

Default credentials: Ignored by those who should be paying attention, and collected by everyone else, they're the reason most breaches don't need to be too technical.

credit cards keyboard

Credit card terminals have used same password since 1990s, claim researchers

Many users never changed the password, thinking it was unique to them

7 keys

Key management is the biggest pain of encryption

Most IT professionals rate the pain of managing encryption keys as severe, according to a new global survey by the Ponemon Institute

att sign

AT&T's data breach settlement called a 'slap on the wrist'

The punishment AT&T received this week from the U.S. government for its sloppy protection of customer data is peanuts and won't scare other companies into taking stronger security measures, some cybersecurity experts said.

Lost in the clouds: 7 examples of compromised personal information

While having instant access to your information via the cloud is a major bonus to productivity and convenience, there's a risk that the security trade-off will be too high.

Load More