Access Control

Access Control news, trend analysis and opinion

Dropbox dismisses claims of hack affecting 7 million accounts

The credentials leaked by an alleged hacker online were likely stolen from other services, the company said

What you should consider when choosing a password manager

Password managers offer many convenient options, but some come at the expense of security


Yahoo says attackers looking for Shellshock found a different bug

The bug has now been fixed and user data was not at risk, the company said

Tools for creating malicious USB thumb drives released by security researchers

The tools can be used to modify the firmware on USB flash drives in order to infect computers with malware

OpenVPN servers can be vulnerable to Shellshock Bash vulnerability

Some OpenVPN configuration options open remote attack vectors for Bash vulnerabilities, VPN provider warns

The FBI’s big, bad identification system

The FBI’s formidable Next Generation Identification is up and running

security

8 cutting-edge technologies aimed at eliminating passwords

From electronic pills to digital tattoos, these eight innovations aim to secure systems and identities without us having to remember a password ever again

Apple's iOS 8 fixes enterprise Wi-Fi authentication hijacking issue

A weakness in Apple's Wi-Fi implementation could give hackers access to enterprise wireless networks, researchers said

Adobe releases previously delayed security updates for Reader and Acrobat

The updates fix eight vulnerabilities, including some that could be exploited to infect computers with malware

Salesforce warns customers of malware attack

A new version of the Dyreza online banking Trojan is stealing Salesforce.com log-in credentials

A common theme in identity and access management failure: lack of Active Directory optimization

From the vantage point of most people, even technical folks, Active Directory (AD) seems like it’s doing pretty well. How often can you not log in when you sit down at your PC? How often do you fail to find someone in the corporate...

Cyberespionage group starts using new Mac OS X backdoor program

The new malware program is an OS X version of a Windows backdoor called XSLCmd, researchers from FireEye said

LinkedIn beefs up account security with session management, detailed alerts

LinkedIn now allows users to see and terminate their authenticated sessions from multiple devices

Apple blames leaked nude celebrity photos on 'targeted attack'

There was no iCloud breach, the company claims

Hackers make drive-by download attacks stealthier with fileless infections

New attacks with the Angler exploit kit inject code directly in browser processes without leaving files on disk, a researcher found

Reconnaissance code on industrial software site points to watering hole attack

Attackers are using a sophisticated Web-based tool to gather information on potential targets, researchers from AlienVault said

New malvertising campaign hit visitors of several high-profile sites

Attackers redirected users to Web-based exploits by pushing malicious advertisements onto popular sites, researchers from Fox-IT said

Firefox OS to outdo Android on granular application permissions

Users will be able to revoke permissions previously granted to apps starting with Firefox OS 2.1

Attack targets firms from the automobile industry in Europe

Attackers are sending emails containing a new information-stealing Trojan program to customer service departments, Symantec researchers said

British spy agency scanned for vulnerable systems in 32 countries, German paper reveals

Heise Online reveals top-secret details about the GCHQ's 'Hacienda' program

Load More