fbpx
Saturday, August 15, 2020
Password-exposing bug purged from LastPass extensions

Password-exposing bug purged from LastPass extensions

0
Still image from the long-running but currently defunct gameshow Password. Developers of the LastPass password manager have patched a vulnerability that made it possible for websites to steal credentials for the last account the user logged into using the Chrome or Opera extension. The vulnerability was discovered late last month by Google Project Zero researcher…
Microsoft states obligatory password altering is “ancient and outdated”

Microsoft states obligatory password altering is “ancient and outdated”

0
Microsoft is finally catching on to a maxim that security experts have almost universally accepted for years: periodic password changes are likely to do more harm than good. In a largely overlooked post published late last month, Microsoft said it was removing periodic password changes from the security baseline settings it recommends for customers and…
Password1, Password2, Password3 no more: Microsoft drops password expiration rec

Password1, Password2, Password3 no more: Microsoft drops password expiration rec

0
For many years, Microsoft has published a security baseline configuration: a set of system policies that are a reasonable default for a typical organization. This configuration may be sufficient for some companies, and it represents a good starting point for those corporations that need something stricter. While most of the settings have been unproblematic, one…
In brand-new gaffe, Facebook incorrectly gathers e-mail contacts for 1.5 million

In brand-new gaffe, Facebook incorrectly gathers e-mail contacts for 1.5 million

0
Facebook's privacy gaffes keep coming. On Wednesday, the social media company said it collected the stored email address lists of as many as 1.5 million users without permission. On Thursday, the company said the number of Instagram users affected by a previously reported password storage error was in the "millions," not the "tens of thousands"…
Digital exchange loses $137 million as creator takes passwords to the tomb

Digital exchange loses $137 million as creator takes passwords to the...

0
A cryptocurrency exchange in Canada has lost control of at least $137 million of its customers’ assets following the sudden death of its founder, who was the only person known to have access the the offline wallet that stored the digital coins. British Columbia-based QuadrigaCX is unable to access most or all of another $53…
Beast 773 million-record breach list includes plaintext passwords

Beast 773 million-record breach list includes plaintext passwords

0
Getty Images Have I Been Pwned, the breach notification service that serves as a bellwether for the security of login credentials, has just gotten its hands on its biggest data haul ever—a list that includes almost 773 million unique email addresses and 21 million unique passwords that were used to log in to third-party sites.…
New Windows 10 construct silences Cortana, brings passwordless accounts

New Windows 10 construct silences Cortana, brings passwordless accounts

0
The latest Insider build of Windows 10, 18309, expands the use of a thing that Microsoft has recently introduced: passwordless Microsoft accounts. It's now possible to create a Microsoft account that uses a one-time code delivered over SMS as its primary authenticator, rather than a conventional password. In the new Windows 10 build, these passwordless…
Hack on 8 adult sites exposes thousandses of intimate user information

Hack on 8 adult sites exposes thousandses of intimate user information

0
Enlarge / One of the hacked websites, wifelovers.com, as it appeared on October 12. A recent hack of eight poorly secured adult websites has exposed megabytes of personal data that could be damaging to the people who shared pictures and other highly intimate information on the online message boards. Included in the leaked file are…

Recent Posts