Friday, January 24, 2020
Password1, Password2, Password3 no more: Microsoft drops password expiration rec

For many years, Microsoft has published a security baseline configuration: a set of system policies that are a reasonable default for a typical organization. This configuration may be sufficient for some companies, and it represents a good starting point for those corporations that need something stricter. While most of the settings have been unproblematic, one…
In brand-new gaffe, Facebook incorrectly gathers e-mail contacts for 1.5 million

Facebook's privacy gaffes keep coming. On Wednesday, the social media company said it collected the stored email address lists of as many as 1.5 million users without permission. On Thursday, the company said the number of Instagram users affected by a previously reported password storage error was in the "millions," not the "tens of thousands"…
Password-exposing bug purged from LastPass extensions

Developers of the LastPass password manager have patched a vulnerability that made it possible for websites to steal credentials for the last account the user logged into using the Chrome or Opera extension. The vulnerability was discovered late last month by Google Project Zero researcher…
Online forum fractures the vintage passwords of Ken Thompson and other Unix leaders

As one of the original versions of Unix, BSD is an ancient operating system. So it shouldn’t come as a surprise that it used what are, by today’s standards, strange, even ridiculous security. For one, the hashing function protecting passwords, though state of the art 40 years ago, is now trivial…
DoorDash hack spills loads of information for 4.9 million individuals

A hack on food-delivery service DoorDash leaked the personal data of 4.9 million customers, delivery workers, and merchants, the company revealed on Thursday. The breach took place on May 4, but DoorDash officials didn't learn of it until earlier this month when they noticed unusual activity involving an unnamed third-party service provider. That's what…
Presume can’t be obliged to expose “64-character” password, court guidelines

The Fifth Amendment to the US Constitution bars people from being forced to turn over personal passwords to police, the Pennsylvania Supreme Court ruled this week. In a 4-3 ruling, justices from Pennsylvania’s highest court overturned a lower-court order that required the suspect in a child-pornography case to turn over a 64-character password…
Internet routers running Tomato are under attack by notorious crime gang

Internet routers running the Tomato alternative firmware are under active attack by a self-propagating exploit that searches for devices using default credentials. When credentials are found and remote administration has been turned on, the exploit then makes the routers part of a botnet that’s used in a host of online attacks, researchers said on…
