Access Control

Access Control news, trend analysis and opinion

headingpic

Cyberespionage group launches sophisticated phishing attacks against Outlook Web App users

The group targeted military agencies, embassies, defense contractors and media organizations, researchers from Trend Micro said


Facebook and Yahoo prevent use of recycled email addresses to hijack accounts

A new mechanism helps email servers determine if a message was intended for a recycled account's previous owner

Abandoned subdomains pose security risk for businesses

Attackers could hijack subdomains pointed by companies at external services they no longer use, researchers say

One week after patch, Flash vulnerability already exploited in large-scale attacks

The Fiesta exploit kit bundles an exploit for the CVE-2014-0569 vulnerability in Flash Player, researchers found

Dropbox dismisses claims of hack affecting 7 million accounts

The credentials leaked by an alleged hacker online were likely stolen from other services, the company said

What you should consider when choosing a password manager

Password managers offer many convenient options, but some come at the expense of security

Yahoo says attackers looking for Shellshock found a different bug

The bug has now been fixed and user data was not at risk, the company said

Tools for creating malicious USB thumb drives released by security researchers

The tools can be used to modify the firmware on USB flash drives in order to infect computers with malware

OpenVPN servers can be vulnerable to Shellshock Bash vulnerability

Some OpenVPN configuration options open remote attack vectors for Bash vulnerabilities, VPN provider warns

The FBI’s big, bad identification system

The FBI’s formidable Next Generation Identification is up and running

security

8 cutting-edge technologies aimed at eliminating passwords

From electronic pills to digital tattoos, these eight innovations aim to secure systems and identities without us having to remember a password ever again

Apple's iOS 8 fixes enterprise Wi-Fi authentication hijacking issue

A weakness in Apple's Wi-Fi implementation could give hackers access to enterprise wireless networks, researchers said

Adobe releases previously delayed security updates for Reader and Acrobat

The updates fix eight vulnerabilities, including some that could be exploited to infect computers with malware

Salesforce warns customers of malware attack

A new version of the Dyreza online banking Trojan is stealing Salesforce.com log-in credentials

A common theme in identity and access management failure: lack of Active Directory optimization

From the vantage point of most people, even technical folks, Active Directory (AD) seems like it’s doing pretty well. How often can you not log in when you sit down at your PC? How often do you fail to find someone in the corporate...

Cyberespionage group starts using new Mac OS X backdoor program

The new malware program is an OS X version of a Windows backdoor called XSLCmd, researchers from FireEye said

LinkedIn beefs up account security with session management, detailed alerts

LinkedIn now allows users to see and terminate their authenticated sessions from multiple devices

Apple blames leaked nude celebrity photos on 'targeted attack'

There was no iCloud breach, the company claims

Hackers make drive-by download attacks stealthier with fileless infections

New attacks with the Angler exploit kit inject code directly in browser processes without leaving files on disk, a researcher found

Load More