HackDig : Dig high-quality web security articles for hacker

New Intel Chips Pack Hardware Authentication Technology

Intel’s 6th Generation Intel Core™ vPro™ Processors Add Hardware-based Authentication Features Chip giant Intel Corporation has started shipping its 6th Generation Intel Core™ vPro™ processor family, which now features a hardware-enhanced multifactor authentication solution designed to strengthen identity protection.   With many data breaches
Publish At:2016-01-30 00:05 | Read:1922 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access

Your Line of Business Hates Access Certifications - You Should Too!

Like Many Compliance-driven Efforts, Access Certifications are Often Hastily Implemented to Satisfy Auditors...Line of business (LOB) managers hate access certifications (or recertifications). From their perspective, it’s a bit like asking them to systematically visit every seat in a theater, during the feature film, and act as “theater police”, checking tic
Publish At:2016-01-27 17:50 | Read:2571 | Comments:0 | Tags:INDUSTRY INSIGHTS Identity & Access

How to Tell Whether You're Getting a Return on Governance

Like Many Security Technologies, Access Governance Won't Directly Drive More Revenue for a Business. So How Can You Deliver a Return on Governance?Surveys can be mind-numbingly dry, but there is occasionally something surprising to be learned about what is happening in the industry. Ponemon’s 2015 Cost of Cyber Crime Study (PDF) shows Access Govern
Publish At:2016-01-07 09:35 | Read:2386 | Comments:0 | Tags:INDUSTRY INSIGHTS Compliance Identity & Access Risk Mana

Root Certificate Shipped With Dell PCs Poses Serious Risk

For the past several months, Dell has been shipping new desktop and laptop computers with a preloaded self-signed root certificate which, according to experts, poses serious security and privacy risks.The root certificate, named eDellRoot, is installed into the system store by an application called Dell Foundation Services. Dell has been shipping the certifi
Publish At:2015-11-24 16:45 | Read:2459 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access

Most Enterprises Prone to Privileged Account Hacks: Report

Most Windows-based network devices that hold sufficiently privileged credentials to enable attackers compromise other machines and accounts have been found to be susceptible to compromise, a recent report from CyberArk Labs reveals. According to the report (PDF), dubbed “Analyzing Real-World Exposure to Windows Credential Theft Attacks,” 88 percent of the an
Publish At:2015-11-11 21:55 | Read:2351 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access

Malware Served via Anti-Adblocking Service PageFair

Hackers breached the systems of anti-adblocking solutions provider PageFair and used the access to deliver malware via the publishers that rely on the company’s services.PageFair helps web publishers measure and recover revenue lost due to ad blockers, which have become increasingly problematic for the advertising industry. The company says it serves more th
Publish At:2015-11-03 15:55 | Read:2924 | Comments:0 | Tags:Cyberwarfare Desktop Security Disaster Recovery Mobile Secur

Is Yahoo's New Account Key the Future of Authentication?

Rumors of the password’s demise have been greatly exaggerated over the years. As security professionals, we know how fragile they are in the hands of talented hackers, and how much users revile them, yet their ubiquity has proven stubborn to dislodge.Last week, Yahoo introduced “Account Key”, which uses push notifications to their Yahoo Mail app on mobile de
Publish At:2015-10-21 21:45 | Read:2617 | Comments:0 | Tags:INDUSTRY INSIGHTS Email Security Identity & Access

LogMeIn To Acquire LastPass for $125 Million in Cash

LogMeIn on Friday said that it would  acquire single-sign-on (SSO) and password management service LastPass for $125 million in cash. LastPass (incorporated as Marvasol, Inc.), has millions of users, and is expected to strengthen LogMeIn’s position in the identity and access management (IAM) market and to help it grow further. Following the acquisi
Publish At:2015-10-11 09:40 | Read:2040 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access Management & S

XML-RPC Used to Amplify WordPress Brute Force Attacks

Attackers have been abusing an XML-RPC method to amplify their brute force attacks against WordPress websites, experts have warned.According to security firm Sucuri, malicious actors are leveraging the fact that the XML-RPC protocol, which is supported by WordPress and several other popular content management systems, allows users to execute multiple methods
Publish At:2015-10-09 14:35 | Read:1892 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access

Attackers Target Organizations via Cisco WebVPN

A Cisco VPN product has been targeted by malicious actors looking to steal sensitive credentials and maintain access to compromised networks, according to incident response and threat intelligence company Volexity.The security firm says it has spotted attacks against several organizations via the Cisco Clientless SSL VPN (WebVPN), a product that allows Cisco
Publish At:2015-10-08 20:35 | Read:2495 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access

Is Identity the New Perimeter? What Would Donald Trump Think?

I recently attended yet another security conference where a vendor triumphantly declared that “identity is the new perimeter”. As often as this statement has been made, it seems as though it is perceived to be some sort of generally accepted truth. This conventional wisdom is founded on the idea that with the rise of the four horsemen of IT – cloud, mob
Publish At:2015-09-29 02:35 | Read:1931 | Comments:0 | Tags:INDUSTRY INSIGHTS Identity & Access

WordPress 4.3 "Billie" Improves Password Security

WordPress 4.3, dubbed “Billie” in honor of jazz singer Billie Holiday, is available for download. The latest version introduces new features for both website administrators and developers, along with significant password security improvements.With the release of version 4.3, the developers of the popular content management system (CMS) announced some changes
Publish At:2015-08-19 18:55 | Read:1975 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access

Dropbox Enhances Authentication Security With USB Second Factor

Dropbox customers can now protect their accounts by using a USB device as the second factor in the two-step authentication (2FA) process.2FA can be a highly efficient mechanism for protecting online accounts because it prevents unauthorized access even if the username and password have been compromised. The second authentication factor is usually provided vi
Publish At:2015-08-13 21:50 | Read:1963 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access

The Most Vicious Zero-Day Exploit? Insiders.

As security professionals we worry about zero-day exploits - those vulnerabilities known by attackers for which there is no current fix. The zero day, of course, lasts until we assiduously apply patches, waiting for Tuesdays like a kid waiting for gifts on Christmas morning. The gift givers come from many sources – Microsoft, Apple, Adobe, Oracle and any num
Publish At:2015-08-13 04:15 | Read:3020 | Comments:0 | Tags:INDUSTRY INSIGHTS Identity & Access Risk Management expl

CA Technologies to Acquire Identity Management Firm Xceedium

Enterprise technology provider CA Technologies said on Tuesday that it has signed a definitive agreement to acquire network security software maker Xceedium for an undisclosed sum. Xceedium’s Xsuite privileged identity management solution for hybrid IT environments helps address security and compliance needs, such as centralized shared account manageme
Publish At:2015-08-04 10:15 | Read:2133 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access


Share high-quality web security related articles with you:)


Tag Cloud