As we approach the holiday season, both consumers and IT professionals are considering replacing their old devices with a whole new lineup of smartphones, phablets and tablets. Whether you’re treating yourself, adding to your wish list or considering options for your next enterprise rollout, it’s important to weigh the pros and cons of introducin

Introduction Out of the five main information security pillars, namely confidentiality, integrity, availability, authenticity and irrefutability, common users give more attention to the first one. But in real life even though in general people agree with the importance of backup, not many actually implement this security mechanism. What one says and what one

APNIC Deputy Director General Sanjaya confirmed that Whois data were accidentally exposed online included authentication details. The Asia-Pacific Network Information Centre (APNIC) is a non-profit organization that provides Internet addressing services in the Asia-Pacific region. The APNIC made the headlines because it was informed about a Whois-related sec

Since it first appeared in 2009, the bitcoin network has grown significantly. The digital currency’s recent surge in value has sparked discussions within the security space about the benefits of blockchain, a technology that promotes the type of trust that is sorely lacking in some digital transactions. Today, people are exchanging real money for cryp

Researchers at RIPS Technologies discovered a login page vulnerability affecting Joomla versions between 1.5 and 3.7.5 that exposes admin credentials. Experts at RIPS Technologies discovered a login page flaw affecting Joomla versions between 1.5 and 3.7.5 that exposes admin credentials. The flaw affects Joomla installs when using Lightweight Directory Acces

Have we been creating passwords the wrong way all along? You might think so, based on the new set of guidelines the National Institute of Standards and Technology (NIST) recently issued about the best password practices. NIST Special Publication 800-63 is a comprehensive guide to managing digital identity, and its recommendations are widely adopted by organi

As public administrators have learned, efficiency in government is largely a matter of executing the small things well. A saved mailing expense or avoided delay can add up to a lot more work for a lot less tax money, which is one practical definition of good government in action. One example of this process is a current U.S. Census Bureau initiative to imple

Over the past few months, we have seen widespread attacks such as NotPetya and WannaCry cripple organizations at record scale and speed, either for monetary gain or with the sole purpose of causing destruction. In their wake, many professionals are assessing what these new threats mean for their security strategies, infrastructures and policies. As a point o

The anonymous CynoSure Prime ‘cracktivists” reversed 320 million hashed passwords dumped to the popular researcher Troy Hunt. The anonymous CynoSure Prime ‘cracktivists” is back and reversed 320 million hashed passwords dumped to the popular researcher Troy Hunt. Two years ago the CynoSure Prime group reversed hashes of 11 million lea

Digital security certificates have become a vital part of online communications. Combining cryptography with a standardized format, they have grown from simple assertions of identity to full authentication methods. But as important as they have become, security certificates remain fallible. More Certificates, More Problems According to a Venafi study, 79 pe

PostgreSQL has issued three security patches for 9.6.4, 9.5.8, 9.4.13, 9.3.18, and 9.2.22 versions. Update them as soon as possible. PostgreSQL has issued three security patches for 9.6.4, 9.5.8, 9.4.13, 9.3.18, and 9.2.22 versions. “The PostgreSQL Global Development Group is pleased to announce the availability of PostgreSQL 10 Beta 3 and updates to a

Remote authentication traditionally depends on two factors: something the user knows, such as a password, and something the user has, such as a hardware token. This is called two-factor authentication (2FA). In practice, something that the entity knows typically serves as the primary method of authentication. Passwords have long reigned supreme because the

Throughout the years, banks have expanded their services by offering an ever-evolving set of online capabilities. As a result, financial institutions have become an obvious target for cybercrime and have been quick to deploy various layers of protection to keep their customers safe. Cybercriminals are looking for online money to grab as a day job. Many opera

We are proud to announce that Forrester named IBM a Strong Performer in its new report, “The Forrester Wave: Risk-Based Authentication, Q3 2017.” This is the first update to the Forrester Wave for Risk-Based Authentication (RBA) since Q1 2012, and IBM’s first time participating in the report as one of the eight most “significant provi

In the early days of the internet, one of the first functional problems users faced was how to verify that entities on the other end of a connection were who they said they were. At first, the nebulous nature of online transactions inhibited e-commerce, since buyers feared that their payment information might be hijacked. This lack of trust precipitated the