X-Force November 6, 2017 How Not to Store Passwords: SHA-1 Fails Again 3 min read - Symmetric key encryption, password hashing and SHA-1 are all ineffective ways to store passwords during the software development stage.
October 31, 2017 Windows Vulnerability Puts NTLM Password Hashes at Risk 2 min read - A Colombian security researcher discovered a flaw that could enable attackers to steal Windows NTLM password hashes without any user interaction.
August 14, 2017 Password Strength Concerns Mean Corporate Security Policies Might Need Resetting 2 min read - The man who first wrote about password strength has modified his stance and written new guidelines that IT managers should follow.
August 14, 2017 Poor Password Policy? New Study Probes Prevalent Protection Problems 3 min read - A new study found that most web services have poor password policy. What's the prescription for these protection problems?
August 7, 2017 Typosquatting Attack Puts Developers at Risk From Infected JavaScript Packages 2 min read - Investigations by npm, a Node.js management registry, revealed that an errant attacker uploaded 38 malicious JavaScript packages on the repository.
Risk Management June 16, 2017 Back to Basics: Six Simple Strategies to Strengthen Your Security Posture 2 min read - These six basic strategies can help organizations stop some threats, minimize others and improve their overall security posture.
May 16, 2017 Study: Users Cleaning Up Password Security Habits 2 min read - Upon analyzing a massive password dump, Duo Labs concluded that users are slowly but surely adopting recommended password security best practices.
Fraud Protection April 4, 2017 Trust, but Verify: Authentication Without Validation Is Naïve 3 min read - Fraudsters have rendered traditional authentication factors — something you know, something you have and something you are — ineffective.
Identity & Access January 16, 2017 Too Many Passwords: Is the End in Sight? 3 min read - Will passwords become things of the past in 2017? Today, organizations tasked with managing too many passwords are at risk of phishing and malware attacks.