Identity Management

Identity Management news, information, and how-to advice

Salesforce warns customers of malware attack

A new version of the Dyreza online banking Trojan is stealing Salesforce.com log-in credentials

Hackers launch Apple ID phishing campaign playing on iCloud security worries

Phishing emails masquerade as security alerts from Apple about rogue iTunes purchases, researchers from Symantec said


LinkedIn beefs up account security with session management, detailed alerts

LinkedIn now allows users to see and terminate their authenticated sessions from multiple devices

27 million South Koreans affected by data breach

South Korean authorities have revealed details surrounding massive data breach that impacts 27 million people aged 15-65. Moreover, local media is reporting that 16 people involved with the scheme were arrested, and that the full...

wipeout
In Depth

Why your online identity can never really be erased

A ruling by a European Court may make it more difficult to find certain information that people claim is 'inadequate ... irrelevant ... or excessive,' but that doesn't mean it will disappear. Some critics, who call the ruling...

Is “Bring Your Own Identity” a security risk or advantage?

Questions abound over websites authenticating users via identities established through Facebook, LinkedIn, Google, Amazon, Microsoft Live, Yahoo Ponemon Institute survey shows.

Why the Microsoft Active Directory design flaw isn't serious

Experts are skeptical of the seriousness of a reported design flaw in Microsoft Active Directory, which is used by many enterprises to control employee access to the corporate network.

Why password managers are not as secure as you think

University researchers have raised concerns about the security of web-based password managers that free people from the burden of having to remember website credentials.

How to set up two-factor authentication for iCloud

Apple is reportedly implementing two-factor authentication for some new iCloud services. If you haven't set up that security system already, here's how to do so.

pay pal sign

PayPal error shows how NOT to use two-factor authentication

A PayPal error made it possible to bypass two-factor authentication on a user account, demonstrating what can go wrong in deploying a tricky security mechanism.

binary hard drive

Code Spaces forced to close its doors after security incident

Code Spaces, a SVN and Git hosting provider, used by organizations for project management and development needs, has folded after an attacker compromised their internal systems.

Let's say goodbye to passwords

Over the last few years I’ve been conducting unofficial surveys of security analysts and security executives I meet in the field. My goal is always to determine what security solutions have been most detrimental to actually achieving...

Security pros and cons of Apple's latest operating systems

Apple's march toward seamless integration between the Mac, iPhone and iPad worries some security experts who say companies may find it more difficult to prevent data leakage on the devices.

serverskulls header

Vendor error forces Lowe's to issue breach notification letters

In a letter to both current and former employees, Lowe’s says that personal information might have been compromised after a third-party vendor exposed it to the public.

ebay marketplaces ipad

Raising awareness quickly: The eBay data breach

On Wednesday, eBay issued an advisory to users stating that passwords will need to be changed, after a database containing user information was compromised.

many red opened locks around one closed blue lock 148650499

Covert Redirect isn't a vulnerability, and it's nothing like Heartbleed

On Friday, Wang Jing, published a report focused on a method of attack called "Covert Redirect," promoting it as a vulnerability in OAuth 2.0 and OpenID. However, this isn't the first time the issue has been raised, and it isn't...

credit cards generic

Retailers plodding toward accepting higher-security payment cards

Target is speeding up support for chip-and-PIN payment cards to restore consumer confidence shaken by last year's massive data breach. But many other retailers feel less of an urgency to adopt the more secure technology.

Why you need to rethink the benefits of SMS authentication to improve security

The quest for perfect authentication gets in the way of good solutions that raise the bar for attackers while easing the process for the people who need to use it. Stepping back to reconsider authentication and the problem to solve...

The paranoid's survival guide, part 1: How to protect your personal data

Who says privacy is dead? While it's true that marketers, the government, data aggregators and others are gathering and analyzing more data than ever about every individual, you can still exert some control over what's out there,...

New identity fraud victim every two seconds thanks to massive data breaches

There have been a number of high-profile data breaches lately—and a whole bunch of smaller data breaches that didn’t make national headlines. The data breach itself, however, is just the beginning. What matters most is what happens...

Load More