August 7, 2017 Typosquatting Attack Puts Developers at Risk From Infected JavaScript Packages 2 min read - Investigations by npm, a Node.js management registry, revealed that an errant attacker uploaded 38 malicious JavaScript packages on the repository.
August 7, 2017 Cerber Ransomware Now Steals Bitcoin Data 2 min read - A Cerber ransomware update adds new exploits, which allows it to steal wallet files. It then tries to steal saved passwords from browsers.
Identity & Access July 25, 2017 Administrator Credentials: A Security Breach Waiting to Happen 2 min read - If access is not properly secured, cybercriminals can use weak administrator credentials to take control over corporate networks.
June 26, 2017 Forgot Password? Man-in-the-Middle Attack Can Perform a Password Reset, Researchers Warn 2 min read - Many high-profile online services are vulnerable to a new type of attack that could enable fraudsters to intercept password reset requests.
Identity & Access June 7, 2017 The New NIST Digital Identity Guidelines and What They Mean to You 2 min read - With the most recent draft of its Digital Identity Guidelines, NIST revised many of its federal recommendations regarding passwords and access management.
May 16, 2017 Study: Users Cleaning Up Password Security Habits 2 min read - Upon analyzing a massive password dump, Duo Labs concluded that users are slowly but surely adopting recommended password security best practices.
May 4, 2017 The Password Problem: Poor Cyber Hygiene Letting Cybercriminals Clean Up 2 min read - The continued reuse of weak credentials within the enterprise has allowed fraudsters to clean up their acts. World Password Day reminds us to do the same.
Identity & Access April 14, 2017 Episode 007: One Small Sticky Note on a Password Wall, One Giant Leap for Security 3 min read - If you're writing down your passwords on adhesive notes or in a journal, you might need a refresher on password security best practices.
April 4, 2017 Security Professionals Leave Social Media Accounts Vulnerable, Survey Reveals 2 min read - Security professionals who fail to secure their social media accounts create openings for cybercriminals to access more critical, work-related data.
March 6, 2017 DblTek GoIP GSM Gateways Have a Backdoor Password 2 min read - DblTek GSM gateways have a hidden backdoor password that allows root shell access. How can users protect themselves from this vulnerability?