HackDig : Dig high-quality web security articles for hacker

Building Digital Trust, One Blockchain at a Time

Since it first appeared in 2009, the bitcoin network has grown significantly. The digital currency’s recent surge in value has sparked discussions within the security space about the benefits of blockchain, a technology that promotes the type of trust that is sorely lacking in some digital transactions. Today, people are exchanging real money for cryp
Publish At:2017-09-22 13:40 | Read:134 | Comments:0 | Tags:Banking & Financial Services Authentication Bitcoin Blockcha

Experts spotted a login page flaw in Joomla that exposes admin credentials

Researchers at RIPS Technologies discovered a login page vulnerability affecting Joomla versions between 1.5 and 3.7.5 that exposes admin credentials. Experts at RIPS Technologies discovered a login page flaw affecting Joomla versions between 1.5 and 3.7.5 that exposes admin credentials. The flaw affects Joomla installs when using Lightweight Directory Acces
Publish At:2017-09-21 20:20 | Read:94 | Comments:0 | Tags:Breaking News Hacking authentication Joomla 3.8 LDAP

Have We Been Wrong All Along About Good Password Practices?

Have we been creating passwords the wrong way all along? You might think so, based on the new set of guidelines the National Institute of Standards and Technology (NIST) recently issued about the best password practices. NIST Special Publication 800-63 is a comprehensive guide to managing digital identity, and its recommendations are widely adopted by organi
Publish At:2017-09-21 00:50 | Read:95 | Comments:0 | Tags:Endpoint Identity & Access Authentication National Institute

e-Signature Security Speeds Government Paperwork Along

As public administrators have learned, efficiency in government is largely a matter of executing the small things well. A saved mailing expense or avoided delay can add up to a lot more work for a lot less tax money, which is one practical definition of good government in action. One example of this process is a current U.S. Census Bureau initiative to imple
Publish At:2017-09-11 19:25 | Read:178 | Comments:0 | Tags:Data Protection Fraud Protection Government Authentication D

Security Specialists Discuss Identity and Access Management in the Age of Ransomware

Over the past few months, we have seen widespread attacks such as NotPetya and WannaCry cripple organizations at record scale and speed, either for monetary gain or with the sole purpose of causing destruction. In their wake, many professionals are assessing what these new threats mean for their security strategies, infrastructures and policies. As a point o
Publish At:2017-09-07 15:10 | Read:101 | Comments:0 | Tags:Identity & Access Authentication Human Factor Identity and A

CynoSure Prime ‘cracktivists’ exposed 320 Million hashed passwords

The anonymous CynoSure Prime ‘cracktivists” reversed 320 million hashed passwords dumped to the popular researcher Troy Hunt. The anonymous CynoSure Prime ‘cracktivists” is back and reversed 320 million hashed passwords dumped to the popular researcher Troy Hunt. Two years ago the CynoSure Prime group reversed hashes of 11 million lea
Publish At:2017-09-04 13:00 | Read:227 | Comments:0 | Tags:Breaking News Data Breach Hacking authentication cracking pa

Poor Management of Security Certificates and Keys Leads to Preventable Outages

Digital security certificates have become a vital part of online communications. Combining cryptography with a standardized format, they have grown from simple assertions of identity to full authentication methods. But as important as they have become, security certificates remain fallible. More Certificates, More Problems According to a Venafi study, 79 pe
Publish At:2017-09-01 10:00 | Read:140 | Comments:0 | Tags:Risk Management Authentication Browser Security Business Con

PostgreSQL issues three security patches, apply them asap

PostgreSQL has issued three security patches for 9.6.4, 9.5.8, 9.4.13, 9.3.18, and 9.2.22 versions. Update them as soon as possible. PostgreSQL has issued three security patches for 9.6.4, 9.5.8, 9.4.13, 9.3.18, and 9.2.22 versions. “The PostgreSQL Global Development Group is pleased to announce the availability of PostgreSQL 10 Beta 3 and updates to a
Publish At:2017-08-14 18:00 | Read:163 | Comments:0 | Tags:Breaking News Hacking authentication DBMS PostgreSQL

The Untapped Potential of Two-Factor Authentication

Remote authentication traditionally depends on two factors: something the user knows, such as a password, and something the user has, such as a hardware token. This is called two-factor authentication (2FA). In practice, something that the entity knows typically serves as the primary method of authentication. Passwords have long reigned supreme because the
Publish At:2017-08-09 10:45 | Read:155 | Comments:0 | Tags:Identity & Access Access Management Authentication Authentic

Ransomware, Trojans and Fraud, Oh My! Tracking Recent Cybercrime Trends and Patterns

Throughout the years, banks have expanded their services by offering an ever-evolving set of online capabilities. As a result, financial institutions have become an obvious target for cybercrime and have been quick to deploy various layers of protection to keep their customers safe. Cybercriminals are looking for online money to grab as a day job. Many opera
Publish At:2017-08-07 21:55 | Read:245 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Authentication

IBM Scores a Strong Performer Placement in Risk-Based Authentication Wave

We are proud to announce that Forrester named IBM a Strong Performer in its new report, “The Forrester Wave: Risk-Based Authentication, Q3 2017.” This is the first update to the Forrester Wave for Risk-Based Authentication (RBA) since Q1 2012, and IBM’s first time participating in the report as one of the eight most “significant provi
Publish At:2017-08-03 06:56 | Read:208 | Comments:0 | Tags:Identity & Access Authentication Authentication Software For

The Evolution of Digital Certificates

In the early days of the internet, one of the first functional problems users faced was how to verify that entities on the other end of a connection were who they said they were. At first, the nebulous nature of online transactions inhibited e-commerce, since buyers feared that their payment information might be hijacked. This lack of trust precipitated the
Publish At:2017-07-25 11:50 | Read:216 | Comments:0 | Tags:Fraud Protection Identity & Access Authentication Certificat

ICS Companies Are Worried About Cybersecurity, But Are They Worried About the Right Things?

Companies operating Industrial Control Systems (ICS) have a special set of challenges to deal with. Which is the state of the art? The equipment was expected to be installed and left alone for a long time. Pressures to reduce operating costs led to this equipment being connected, and the easiest networking equipment to find was designed for convenience in a
Publish At:2017-06-13 07:40 | Read:385 | Comments:0 | Tags:Breaking News Hacking Reports authentication cyber security

US Defense is working on new multifactor authentication systems

DARPA is currently developing a multifactor authentication system that will replace the current common access card (CAC). According to a report published by American Security Today, the DARPA High-Assurance Cyber Military Systems (HACMS) program is designing technology for the creation of safe and secure cyber-physical systems. DARPA is currently developing
Publish At:2017-06-11 18:50 | Read:391 | Comments:0 | Tags:Breaking News Digital ID Hacking authentication biometrics D

The New NIST Digital Identity Guidelines and What They Mean to You

The National Institute of Standards and Technology (NIST) recently released a draft of its Digital Identity Guidelines that included some significant and noteworthy changes. While the public comment period has closed, the document still has to go through an internal review process that is expected to last until the end of this summer. Big Changes to the NIS
Publish At:2017-06-07 21:40 | Read:308 | Comments:0 | Tags:Identity & Access Access Management Authentication Multifact


Share high-quality web security related articles with you:)


Tag Cloud