Access Control

Access Control news, trend analysis and opinion

nac 1
nac 1

British Airways notifies frequent flyers of possible breach of their accounts

Many users had their reward points removed from their accounts as a precaution

Cisco patches autonomic networking flaws in IOS routers and switches

The flaws could allow attackers to gain limited access over affected devices or to disrupt their normal operation

Dell support tool put PCs at risk of malware infection

Weak authentication in Dell's System Detect utility could have enabled drive-by malware attacks

Flash-based vulnerability lingers on many websites three years later

A large number of developers have failed to patch their Flash applications against a vulnerability that can be exploited to target Web users

Cisco small business phones open to remote eavesdropping, calling

An authentication flaw allows attackers to listed to audio streams and make calls from Cisco SPA 300 and 500 IP phones

All major browsers hacked at Pwn2Own contest

Adobe Reader and Flash Player fell as well

At least 700,000 routers given to customers by ISPs are vulnerable to hacking

The devices have serious flaws that enable unauthorized remote access and DNS hijacking, a researcher found

EMET security tool updated to prevent VBScript God Mode attacks

Microsoft was forced to release EMET 5.2 again because customers experienced issues with the first variant

Yahoo's new on-demand password system is no replacement for two-factor authentication

The new authentication option offers better security than static passwords, but it's not as strong as two-step verification

BlackBerry teams with Samsung and IBM to offer governments a secure tablet

The SecuTablet is a modified Samsung Galaxy Tab S 10.5 bundled with security management software and a hardware encryption module

Tool allows account hijacking on sites that use Facebook Login

Attackers can force users to associate their accounts on other sites with malicious Facebook accounts

Windows systems are also vulnerable to FREAK attacks

A recently disclosed vulnerability in SSL/TLS implementations also affects Microsoft's Schannel crypto library and Internet Explorer

DoCoMo app shares SIM credentials with offline devices

Smartphones with new Qualcomm chipsets could send SIM subscriber identities to multiple offline devices

Flaw in popular Web analytics plug-in exposes WordPress sites to hacking

Attackers can easily crack cryptographic keys used by the WP-Slimstat plug-in and use them to read information from a site's database

TrueCrypt audit back on track after silence and uncertainty

Phase two of the project will begin shortly and will be done by a professional team of consultants

Information disclosure flaw exposes Netgear wireless routers to attacks

The vulnerability allows attackers to extract admin passwords and wireless network keys

Personal weather stations can expose your Wi-Fi network

Netatmo weather stations upload Wi-Fi passwords and SSIDs to the company's servers over insecure connections

Jeb Bush's email dump puts constituents' personal data online

The emails posted on a Bush website included personal data such as Social Security numbers

Load More