Certification authority reports security breach
Another certification authority has fallen prey to attackers in need of certificates for phishing authentication pages. The authority in question is StartSSL, operated by …
authentication
Dropbox security glitch allowed anyone to access user accounts
Web-based file hosting service Dropbox has confirmed that a bug introduced by a code push allowed anyone to access any user account by simply typing in a random password for a …
Two-factor authentication for Mailchimp using AlterEgo
MailChimp is an innovative company that provides mailing list management services with a twist. Their down-to-earth approach and focus towards the best user experience is what …
Concerned with the vulnerability of authentication tokens?
Since RSA has finally admitted publicly that the March breach into its systems has resulted in the compromise of their SecurID two-factor authentication tokens, organizations …
RSA admits SecurID tokens have been compromised
RSA has finally admitted publicly that the March breach into its systems has resulted in the compromise of their SecurID two-factor authentication tokens. The admission comes …
Reveal Facebook passwords stored in Web browsers
Logins and passwords to various Web resources are routinely stored or cached in Web browsers to speed up access to protected resources. While it is possible to extract cached …
Physical, logical and mobile authentication in one software
Entrust released IdentityGuard 10.0, which brings together security solutions for physical, logical and mobile access. This latest update to Entrust’s authentication …
Attack against Lockheed Martin result of previous RSA breach?
Lockheed Martin, one of United States’ largest military contractors, has experienced an attack against its computer networks, and speculations abound on whether the …
Cloud identity tools for LinkedIn, Twitter and Microsoft Live
Ping Identity released Cloud Identity Connectors for LinkedIn, Twitter, and Microsoft Live, enabling the enterprise to rely on cloud service providers and social networking …
The rise of layered fraud prevention
By 2014, 15 percent of enterprises will adopt layered fraud prevention techniques for their internal systems to compensate for weaknesses inherent in using only authentication …
Google authentication protocol flaw endangers Android users
If you’re an Android user that has still not upgraded to the 2.3.4 and 3.0 version, you’re in danger of having the information contained in various Google …
OpenID Attribute Exchange flaw
The OpenID Foundation has issued an alert for all sites using OpenID that don’t confirm that the information passed through Attribute Exchange – the service …