Access Control

Access Control news, information, and how-to advice

Security must evolve to be ‘all about the data’

Experts on panel discussion sponsored by Dell agree that the current security model is obsolete, and that to face the expanding and evolving threat landscape will require embedding data itself with smart security protection

Arrests made after international cyber-ring targets StubHub

StubHub accounts were compromised and used to buy tickets for popular events, which were then resold


Why '123456' is a great password

New research shows that "123456" is a good password after all.

big data 19

Securing big data off to slow start

While big data implementations have taken off, the work needed to secure these systems has not.

Critical design flaw in Active Directory could allow for a password change

Microsoft contends the general issue has been long-known, but Israel-based Aorato has developed a working attack

Why the Microsoft Active Directory design flaw isn't serious

Experts are skeptical of the seriousness of a reported design flaw in Microsoft Active Directory, which is used by many enterprises to control employee access to the corporate network.

Why password managers are not as secure as you think

University researchers have raised concerns about the security of web-based password managers that free people from the burden of having to remember website credentials.

Botnet brute-forces remote access to point-of-sale systems

A new malware threat scans the Internet for POS systems and tries to access them using common usernames and passwords

Critical vulnerability in popular WordPress newsletter plug-in endangers many blogs

Attackers could exploit a flaw in the MailPoet Newsletters plug-in to take full control of vulnerable blogs, researchers from Sucuri said

piracy malware

New malware program hooks into networking APIs to steal banking data

The Emotet malware can sniff information even from HTTPS connections, researchers from Trend Micro said

internet gavel keyboard

Takedown of No-IP by Microsoft impacts 1.8M customers

New details have emerged in the aftermath of Microsoft's actions against Vitalwerks - the company that operates No-IP (noip.com). At current count, 1,832,133 customers were impacted by Microsoft's takedown of No-IP, which directly...

internet gavel keyboard

Microsoft's takedown of No-IP pushes innocents into the crossfire

On Monday, Microsoft said they were taking No-IP (noip.com) to task for failing to prevent criminals from abusing their services. The case is Microsoft's latest effort to slow the spread of malware online, but this time innocents are...

handingkeys

How to achieve better third-party security: Let us count the ways

Experts say third-party vulnerabilities are a factor in most successful cyber attacks. There are ways to reduce that risk, they say, but it will require better basic 'security hygiene' plus much better contracts with contractors and...

Researchers expect large wave of rootkits targeting 64-bit systems

Rootkits are again on the rise with the number of new samples reaching levels not seen since 2011, a McAfee report said

New Havex malware variants target industrial control system and SCADA users

Attackers compromised ICS/SCADA vendor sites and altered software downloads to distribute the malware, researchers from F-Secure said

Ad network compromise led to rogue page redirects on Reuters site

The Syrian Electronic Army compromised a third-party widget to redirect some Reuters.com visitors to a defacement page

Hacker puts 'full redundancy' code-hosting firm out of business

CodeSpaces.com shut down after a hacker gained access to its Amazon EC2 account and deleted most data, including backups

Hacker puts 'full redundancy' code-hosting firm out of business

CodeSpaces.com shut down after a hacker gained access to its Amazon EC2 account and deleted most data, including backups

Maliciously crafted files can disable Microsoft's antimalware products

A vulnerability in the engine used by many Microsoft antimalware products can lead to a persistent denial-of-service condition

moviesec

8 security hits and misses on the silver screen

Security has played a bigger role in cinema than you may think

Load More