Access Control

Access Control news, trend analysis and opinion

Reconnaissance code on industrial software site points to watering hole attack

Attackers are using a sophisticated Web-based tool to gather information on potential targets, researchers from AlienVault said...

New malvertising campaign hit visitors of several high-profile sites

Attackers redirected users to Web-based exploits by pushing malicious advertisements onto popular sites, researchers from Fox-IT said...


Firefox OS to outdo Android on granular application permissions

Users will be able to revoke permissions previously granted to apps starting with Firefox OS 2.1...

Attack targets firms from the automobile industry in Europe

Attackers are sending emails containing a new information-stealing Trojan program to customer service departments, Symantec researchers said...

British spy agency scanned for vulnerable systems in 32 countries, German paper reveals

Heise Online reveals top-secret details about the GCHQ's 'Hacienda' program...

brad anderson

Microsoft’s strategy on identity management aimed squarely at cloud-based services

Microsoft’s strategy for providing customers with identity management options is increasingly reliant on cloud-based methods of authentication and access control for provisioning of Windows-based mobile devices as well as Apple iOS...

New Gameover Zeus botnet keeps growing, especially in the US

A new Gameover Zeus malware variant has infected over 10,000 systems so far, researchers say...

Testing service rolls out vast federated identity management system using Oracle

The Educational Testing Service, a non-profit organization that provides academic assessment tests, says it has gained efficiencies by centralizing its identity and access management (IAM) for on-premises, cloud and hosted...

Amazon protects its virtual desktops with two-factor authentication

The company's WorkSpaces service can be used with hardware tokens from Gemalto...

Seven ways DARPA is trying to kill the password

From analyzing the way you walk to your heartbeat, these futuristic authentication systems could be here soon...

Network-attached storage devices more vulnerable than routers, researcher finds

A security review found serious vulnerabilities in 10 popular NAS systems...

Stealthy malware 'Poweliks' resides only in system registry

The malware is persistent across system reboots, despite not having any files on disk...

Attackers can easily create dangerous file-encrypting malware, new threat suggests

A newly discovered ransomware threat runs as a batch file and uses the open-source GnuPG program for encryption...

IBM buys access control and identity management firm CrossIdeas

With CrossIdeas, IBM is gaining auditing tools for policing segregation-of-duties violations across disparate systems...

Internet of things devices contain high number of vulnerabilities, study finds

Security researchers from Hewlett-Packard found 250 security issues when analyzing 10 popular IoT devices...

Antivirus products riddled with security flaws, researcher says

Antivirus products increase a computer's attack surface and may even lower operating system protections, a security researcher claims...

Is “Bring Your Own Identity” a security risk or advantage?

Questions abound over websites authenticating users via identities established through Facebook, LinkedIn, Google, Amazon, Microsoft Live, Yahoo Ponemon Institute survey shows....

Arrests made after international cyber-ring targets StubHub

StubHub accounts were compromised and used to buy tickets for popular events, which were then resold...

Systems engineer arrested in massive data leak in Japan

At least 7 million names were stolen from the database of education firm Benesse...

Botnet brute-forces remote access to point-of-sale systems

A new malware threat scans the Internet for POS systems and tries to access them using common usernames and passwords...

Load More