Access Control

Access Control news, trend analysis and opinion

Flaw in popular Web analytics plug-in exposes WordPress sites to hacking

Attackers can easily crack cryptographic keys used by the WP-Slimstat plug-in and use them to read information from a site's database

TrueCrypt audit back on track after silence and uncertainty

Phase two of the project will begin shortly and will be done by a professional team of consultants


Information disclosure flaw exposes Netgear wireless routers to attacks

The vulnerability allows attackers to extract admin passwords and wireless network keys

Personal weather stations can expose your Wi-Fi network

Netatmo weather stations upload Wi-Fi passwords and SSIDs to the company's servers over insecure connections

Jeb Bush's email dump puts constituents' personal data online

The emails posted on a Bush website included personal data such as Social Security numbers

5 technologies that betrayed Silk Road's anonymity

Even technologies designed to preserve privacy can reveal identities when not used thoughtfully

DDoS malware for Linux systems comes with sophisticated custom-built rootkit

XOR.DDoS is distributed through SSH brute-force password guessing attacks

Siemens patches critical flaws in industrial wireless gear

The vulnerabilities allow attackers to take control of affected Ruggedcom WIN systems

Dangerous IE vulnerability opens door to powerful phishing attacks

The flaw can be used to steal authentication cookies and inject rogue code into websites

Cisco integration gives Samsung Knox users more options for secure connectivity

Under pressure from falling phone sales, Samsung continues to court CIOs

China tightens Internet control by blocking VPN services

Clampdown causes problems for users attempting to connect to Gmail and other sites

Thousands of U.S. gas stations exposed to Internet attacks

Over 5,000 tank gauges that are used to monitor fuel levels and potential spills are accessible from the Internet without a password

Sharp rise seen in attacks using stolen credentials

The attacks have been beating fraud detection systems

doctor medical tablet

Healthcare breaches need a cure for human errors

Digital health records are a prime target for cyber criminals. The information can be used in a variety of ways, from identity theft to fraudulently obtaining prescription drugs. It retains its value much longer than credit card...

Google publishes third Windows 0-day vulnerability in a month

Google is sticking to its 90-day disclosure deadline, despite criticism by Microsoft

cutcaster 902830953 tour small

Throw your vendor under the bus after a breach? Not quite so fast

Tips for your third-party risk management program.

Exploit allows Asus routers to be hacked from local network

Users should install firmware updates as soon as they become available and should block untrusted devices on their networks

CryptoWall ransomware variant has new defenses

Cisco found that the latest version of the malware terminates itself if it runs in a virtual machine

Apple blocks tool that brute-forces iCloud passwords

The tool allowed attackers to try a large number of passwords for Apple ID accounts

Moonpig jeopardizes data of millions of customers through insecure API

The company failed to fix a security flaw reported over a year ago, a developer said

Load More