Access Control

Access Control news, trend analysis and opinion

brad anderson

British spy agency scanned for vulnerable systems in 32 countries, German paper reveals

Heise Online reveals top-secret details about the GCHQ's 'Hacienda' program


New Gameover Zeus botnet keeps growing, especially in the US

A new Gameover Zeus malware variant has infected over 10,000 systems so far, researchers say

Amazon protects its virtual desktops with two-factor authentication

The company's WorkSpaces service can be used with hardware tokens from Gemalto

Testing service rolls out vast federated identity management system using Oracle

The Educational Testing Service, a non-profit organization that provides academic assessment tests, says it has gained efficiencies by centralizing its identity and access management (IAM) for on-premises, cloud and hosted...

Seven ways DARPA is trying to kill the password

From analyzing the way you walk to your heartbeat, these futuristic authentication systems could be here soon

Network-attached storage devices more vulnerable than routers, researcher finds

A security review found serious vulnerabilities in 10 popular NAS systems

Stealthy malware 'Poweliks' resides only in system registry

The malware is persistent across system reboots, despite not having any files on disk

Attackers can easily create dangerous file-encrypting malware, new threat suggests

A newly discovered ransomware threat runs as a batch file and uses the open-source GnuPG program for encryption

IBM buys access control and identity management firm CrossIdeas

With CrossIdeas, IBM is gaining auditing tools for policing segregation-of-duties violations across disparate systems

Internet of things devices contain high number of vulnerabilities, study finds

Security researchers from Hewlett-Packard found 250 security issues when analyzing 10 popular IoT devices

Antivirus products riddled with security flaws, researcher says

Antivirus products increase a computer's attack surface and may even lower operating system protections, a security researcher claims

Is “Bring Your Own Identity” a security risk or advantage?

Questions abound over websites authenticating users via identities established through Facebook, LinkedIn, Google, Amazon, Microsoft Live, Yahoo Ponemon Institute survey shows.

Arrests made after international cyber-ring targets StubHub

StubHub accounts were compromised and used to buy tickets for popular events, which were then resold

Systems engineer arrested in massive data leak in Japan

At least 7 million names were stolen from the database of education firm Benesse

Botnet brute-forces remote access to point-of-sale systems

A new malware threat scans the Internet for POS systems and tries to access them using common usernames and passwords

Vulnerability in AVG security toolbar puts IE users at risk

Bad design decisions could have enabled malware infections, researchers from CERT/CC said

Attack on Dailymotion redirected visitors to exploits

A rogue iframe injected into the site led visitors to exploits that installed a click-fraud Trojan program, researchers from Symantec said

Attack on Dailymotion redirected visitors to exploits

A rogue iframe injected into the site led visitors to exploits that installed a click-fraud Trojan program, researchers from Symantec said

Hardcoded SSH key gives backdoor access to Cisco communications manager

Cisco released new software versions to fix the issue and patch another serious vulnerability

Load More