HackDig : Dig high-quality web security articles for hackers

Questions to Ask When Conducting Single Sign-On Enrollment

Instead of asking employees to input passwords every day, single sign-on (SSO) offers a simplified but secure authentication process. SSO authentication gives a user the option of choosing a single set of credentials to access multiple accounts and services. So, how can organizations best use SSO for their purposes? This authentication scheme works with the
Publish At:2020-08-11 10:36 | Read:180 | Comments:0 | Tags:Identity & Access Email Identity Identity and Access Managem

A week in security (June 22 – 28)

Last week on Malwarebytes Labs, we provided a zero-day guide for 2020 featuring recent attacks and advanced preventive techniques, and we learned how to cough in the face of scammers, offering security tips for the 2020 tax season. We also looked at a web skimmer hiding within EXIF metadata that was exfiltrating credit cards via image files. In the most r
Publish At:2020-06-29 13:21 | Read:433 | Comments:0 | Tags:A week in security BlueLeaks Google IBM image files Lucifer

You DID change your password after that data breach, didn’t you?

by Paul Ducklin
Until a few years ago, received wisdom for passwords included advice to change them all on a regular and frequent basis, just because you could. The laudable idea was that this reduced the length of time you’d be exposed if your password were breached, and you’d therefore “obviously” be safer as a result. Ironically, this b
Publish At:2020-06-04 13:15 | Read:427 | Comments:0 | Tags:Data loss data breach passwords

Shift Your Cybersecurity Mindset to Maintain Cyber Resilience

As the business world navigates the ups and downs of today’s economy, a mindset shift is required to maintain cyber resilience. Cybersecurity, often an afterthought in a strong economy, must not be neglected in responding to shifts in the business landscape. As more companies expand their remote workforce, the number of endpoints with access to corpora
Publish At:2020-06-04 12:22 | Read:411 | Comments:0 | Tags:Data Protection Identity & Access Business Continuity C-Suit

The passwordless present: Will biometrics replace passwords forever?

When it comes to securing your sensitive, personally identifiable information against criminals who can engineer countless ways to snatch it from under your nose, experts have long recommended the use of strong, complex passwords. Using long passphrases with combinations of numbers, letters, and symbols that cannot be easily guessed has been the de facto sec
Publish At:2020-04-21 13:11 | Read:907 | Comments:0 | Tags:Privacy Apple behaviometrics biometrics brute force CCC Chao

Cybersecurity labeling scheme introduced to help users choose safe IoT devices

The Internet of Things (IoT) is a term used to describe a wide variety of devices that are connected to the Internet to improve user experience. For example, a doorbell becomes part of the IoT when it connects to the Internet and allows users to see visitors outside their door. But the way in which some of these IoT devices connect invites serious securit
Publish At:2020-04-07 14:49 | Read:782 | Comments:0 | Tags:IoT apac cls cybersecurity labeling scheme passwords routers

How Retail Security Can Welcome IoT Innovations Without Putting Customers at Risk

Retail businesses, from mom-and-pop shops to major department stores, are investing heavily in technology to enhance the in-store experience. With the imminent arrival of mainstream 5G, smarter systems are expected to dominate the retail space as the internet of things (IoT) expands. But as we know from connected device deployments in other sectors, such as
Publish At:2020-03-11 08:47 | Read:671 | Comments:0 | Tags:Retail IoT Access Management Connected Devices Customer Expe

FBI recommends using passphrases instead of complex passwords

The FBI recommends using longer passwords composed of multiple words into a long string of at least 15 characters instead of short passwords including special characters. Recent guidance from the National Institute of Standards and Technology (NIST) highlights that the password length is much more important than password complexity. The recommendatio
Publish At:2020-02-24 09:50 | Read:626 | Comments:0 | Tags:Breaking News Security Hacking passwords Security News

Will Weak Passwords Doom the Internet of Things (IoT)?

Weak passwords can hurt any organization’s security efforts and make any device easily hackable, but could they also be the greatest point of failure for internet of things (IoT) security? Weak passwords certainly put companies deploying IoT devices at greater risk of falling victim to a cyberattack. We have already begun to see attacks targeting IoT d
Publish At:2020-02-15 17:18 | Read:738 | Comments:0 | Tags:Endpoint Risk Management IoT Authentication Connected Device

A week in security (December 23 – 29)

Last week on Malwarebytes Labs, we continued our retrospective coverage with a look at how lawmakers in the United States treated online privacy this year, finding trends in multiple federal bills introduced in the Senate. Then we took a little break for the holidays. Other cybersecurity news: Now an annual tradition for close to a decade, SplashData u
Publish At:2019-12-30 16:50 | Read:998 | Comments:0 | Tags:A week in security a week in security Google Chrome online p

Consumer Groups are Racing to Issue Security Warnings For Amazon Ring

Over the last few weeks, the media published stories about hacked Amazon Ring devices that allow hackers to get unauthorized access to consumer video monitoring devices such as Amazon Ring. One of the warnings recently issued from Fight For The Future stated that Amazon Ring cameras are not safe. The consumer group quoted a report from VICE saying that there
Publish At:2019-12-26 09:15 | Read:1442 | Comments:0 | Tags:Mobile News Security passwords Privacy security

Fake Elder Scrolls Online developers go phishing on PlayStation

A player of popular gaming title Elder Scrolls Online recently took to Reddit to warn users of a phish via PlayStation messaging. This particular phishing attempt is notable for ramping up the pressure on recipients—a classic social engineering technique taken to the extreme. A terms of service violation? In MMORPG land, the scammers take a theoretically pla
Publish At:2019-12-06 16:50 | Read:1175 | Comments:0 | Tags:Social engineering elder scrolls online ESO gamers gaming ga

New version of IcedID Trojan uses steganographic payloads

This blog post was authored by @hasherezade, with contributions from @siri_urz and Jérôme Segura. Security firm Proofpoint recently published a report about a series of malspam campaigns they attribute to a threat actor called TA2101. Originally targeting German and Italian users with Cobalt Strike and Maze ransomware, the later wave of malicious emails w
Publish At:2019-12-03 16:50 | Read:1450 | Comments:0 | Tags:Threat analysis backdoor banking Trojan banking Trojans cred

Court says suspect can’t be forced to reveal 64-character password

by Lisa Vaas
The dry facts: A US court has come down in favor of Fifth Amendment protections against forced disclosure of a 64-character passcode in a child abuse imagery case = an important interpretation of whether forced password disclosure is the modern equivalent of an unconstitutionally coerced confession. The gut punch: The defendant is a man previously
Publish At:2019-11-26 12:35 | Read:1530 | Comments:0 | Tags:Cryptography Law & order Mobile Privacy child abuse child ab

IoT bills and guidelines: a global response

You may not have noticed, but Internet of Things (IoT) rules and regulations are coming whether manufacturers want them or not. From experience, drafting up laws which are (hopefully) sensible and have some relevance to problems raised by current technology is a time-consuming, frustrating process. However, it’s not that long since we saw IoT devices go main
Publish At:2019-11-22 16:50 | Read:1239 | Comments:0 | Tags:IoT Privacy Australia California internet Internet of Things
