authentication
It’s World Password Day: Change your passwords
Today (May 7) is World Password Day – a day dedicated to promoting the use of strong passwords and the creation of good habits when it comes to choosing passwords. …
Password management done right
David Sancho, senior threat researcher with Trend Micro, has recently written a short but good post in which he pointed out the reasons why despite their inherent insecurity, …
Windows flaw allows access to data after accounts are revoked
A disabled account in Windows’ network does not take effect immediately, according to Aorato. In fact, due to design considerations disabled accounts – and the …
Researchers debunk severity of OAuth “Covert Redirect” bug
Late last week, a Ph.D. student at the Nanyang Technological University in Singapore made the information security world pause for a moment by claiming that he had found a …
Passwords: Real-world issues, tips and alternatives
Per Thorsheim is an independent information security adviser based in Norway. He is the founder and main organizer of PasswordsCon, the first and only international conference …
Heartbleed attacker hijacked VPN active user sessions
As the number of the most popular websites that still haven’t patched their servers against the Heartbleed exploit continues to diminish (go here for an up-to-date list …
Supposedly patched router backdoor was simply hidden
When security systems’ engineer and researcher Eloi Vanderbeken discovered the existence of a backdoor in his own Linksys router last Christmas, he spurred other hackers …
Samsung Galaxy S5 fingerprint scanner can be tricked
Samsung’s newly released Galaxy S5 phone sports a fingerprint scanner embedded in the home button that works well but unfortunately, like iPhone 5S’ TouchID before …
Identifying security innovation strategies
Tom Quillin is the Director of Cyber Security Technology and Initiatives at Intel Corporation. In this interview he talks about security innovation, current and future …
Heartbleed bug: What regular users need to do
As the news of the existence of the Heartbleed bug in OpenSSL and the implications of its existence trickles down into mainstream media, users are trying to figure out what …
German police finds 18M stolen and misused account logins
Police in northwestern German city of Verden have discovered a collection of 18 million stolen email addresses and corresponding passwords that are being actively used to send …
LastPass adds two-factor authentication from Duo Security
LastPass integrated Duo’s mobile-based two-factor authentication solution to the LastPass password management platform to provide an additional layer of credential …
Featured news
Resources
Don't miss
- Security at AI speed: The new CISO reality
- Apple privacy labels often don’t match what Chinese smart home apps do
- In GitHub’s advisory pipeline, some advisories move faster than others
- Don’t panic over CISA’s KEV list, use it smarter
- Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731)