fbpx
Friday, January 24, 2020
Internet routers running Tomato are under attack by notorious crime gang

Internet routers running Tomato are under attack by notorious crime gang

advancedtomato.com Internet routers running the Tomato alternative firmware are under active attack by a self-propagating exploit that searches for devices using default credentials. When credentials are found and remote administration has been turned on, the exploit then makes the routers part of a botnet that’s used in a host of online attacks, researchers said on…
Microsoft states obligatory password altering is “ancient and outdated”

Microsoft states obligatory password altering is “ancient and outdated”

Microsoft is finally catching on to a maxim that security experts have almost universally accepted for years: periodic password changes are likely to do more harm than good. In a largely overlooked post published late last month, Microsoft said it was removing periodic password changes from the security baseline settings it recommends for customers and…
In brand-new gaffe, Facebook incorrectly gathers e-mail contacts for 1.5 million

In brand-new gaffe, Facebook incorrectly gathers e-mail contacts for 1.5 million

Facebook's privacy gaffes keep coming. On Wednesday, the social media company said it collected the stored email address lists of as many as 1.5 million users without permission. On Thursday, the company said the number of Instagram users affected by a previously reported password storage error was in the "millions," not the "tens of thousands"…
New Windows 10 construct silences Cortana, brings passwordless accounts

New Windows 10 construct silences Cortana, brings passwordless accounts

The latest Insider build of Windows 10, 18309, expands the use of a thing that Microsoft has recently introduced: passwordless Microsoft accounts. It's now possible to create a Microsoft account that uses a one-time code delivered over SMS as its primary authenticator, rather than a conventional password. In the new Windows 10 build, these passwordless…
Digital exchange loses $137 million as creator takes passwords to the tomb

Digital exchange loses $137 million as creator takes passwords to the...

A cryptocurrency exchange in Canada has lost control of at least $137 million of its customers’ assets following the sudden death of its founder, who was the only person known to have access the the offline wallet that stored the digital coins. British Columbia-based QuadrigaCX is unable to access most or all of another $53…
Password-exposing bug purged from LastPass extensions

Password-exposing bug purged from LastPass extensions

Still image from the long-running but currently defunct gameshow Password. Developers of the LastPass password manager have patched a vulnerability that made it possible for websites to steal credentials for the last account the user logged into using the Chrome or Opera extension. The vulnerability was discovered late last month by Google Project Zero researcher…
Online forum fractures the vintage passwords of Ken Thompson and other Unix leaders

Online forum fractures the vintage passwords of Ken Thompson and other...

Aurich Lawson / Getty As one of the original versions of Unix, BSD is an ancient operating system. So it shouldn’t come as a surprise that it used what are, by today’s standards, strange, even ridiculous security. For one, the hashing function protecting passwords, though state of the art 40 years ago, is now trivial…

Recent Posts