HackDig : Dig high-quality web security articles for hacker

Preparing for the iPhone X and the Future of Facial Recognition Technology

As we approach the holiday season, both consumers and IT professionals are considering replacing their old devices with a whole new lineup of smartphones, phablets and tablets. Whether you’re treating yourself, adding to your wish list or considering options for your next enterprise rollout, it’s important to weigh the pros and cons of introducin
Publish At:2017-11-04 02:00 | Read:3035 | Comments:0 | Tags:Mobile Security Apple Authentication Biometric Mobile Securi

Credentials (UN)Management in home banking.

Introduction Out of the five main information security pillars, namely confidentiality, integrity, availability, authenticity and irrefutability, common users give more attention to the first one. But in real life even though in general people agree with the importance of backup, not many actually implement this security mechanism. What one says and what one
Publish At:2017-10-25 07:50 | Read:3634 | Comments:0 | Tags:Breaking News Hacking authentication banking

APNIC Whois-related problem led to accidental exposure of authentication data

APNIC Deputy Director General Sanjaya confirmed that Whois data were accidentally exposed online included authentication details. The Asia-Pacific Network Information Centre (APNIC) is a non-profit organization that provides Internet addressing services in the Asia-Pacific region. The APNIC made the headlines because it was informed about a Whois-related sec
Publish At:2017-10-24 13:20 | Read:3736 | Comments:0 | Tags:Breaking News Data Breach APNIC authentication data breach d

Building Digital Trust, One Blockchain at a Time

Since it first appeared in 2009, the bitcoin network has grown significantly. The digital currency’s recent surge in value has sparked discussions within the security space about the benefits of blockchain, a technology that promotes the type of trust that is sorely lacking in some digital transactions. Today, people are exchanging real money for cryp
Publish At:2017-09-22 13:40 | Read:2907 | Comments:0 | Tags:Banking & Financial Services Authentication Bitcoin Blockcha

Experts spotted a login page flaw in Joomla that exposes admin credentials

Researchers at RIPS Technologies discovered a login page vulnerability affecting Joomla versions between 1.5 and 3.7.5 that exposes admin credentials. Experts at RIPS Technologies discovered a login page flaw affecting Joomla versions between 1.5 and 3.7.5 that exposes admin credentials. The flaw affects Joomla installs when using Lightweight Directory Acces
Publish At:2017-09-21 20:20 | Read:2584 | Comments:0 | Tags:Breaking News Hacking authentication Joomla 3.8 LDAP

Have We Been Wrong All Along About Good Password Practices?

Have we been creating passwords the wrong way all along? You might think so, based on the new set of guidelines the National Institute of Standards and Technology (NIST) recently issued about the best password practices. NIST Special Publication 800-63 is a comprehensive guide to managing digital identity, and its recommendations are widely adopted by organi
Publish At:2017-09-21 00:50 | Read:3563 | Comments:0 | Tags:Endpoint Identity & Access Authentication National Institute

e-Signature Security Speeds Government Paperwork Along

As public administrators have learned, efficiency in government is largely a matter of executing the small things well. A saved mailing expense or avoided delay can add up to a lot more work for a lot less tax money, which is one practical definition of good government in action. One example of this process is a current U.S. Census Bureau initiative to imple
Publish At:2017-09-11 19:25 | Read:5632 | Comments:0 | Tags:Data Protection Fraud Protection Government Authentication D

Security Specialists Discuss Identity and Access Management in the Age of Ransomware

Over the past few months, we have seen widespread attacks such as NotPetya and WannaCry cripple organizations at record scale and speed, either for monetary gain or with the sole purpose of causing destruction. In their wake, many professionals are assessing what these new threats mean for their security strategies, infrastructures and policies. As a point o
Publish At:2017-09-07 15:10 | Read:2468 | Comments:0 | Tags:Identity & Access Authentication Human Factor Identity and A

CynoSure Prime ‘cracktivists’ exposed 320 Million hashed passwords

The anonymous CynoSure Prime ‘cracktivists” reversed 320 million hashed passwords dumped to the popular researcher Troy Hunt. The anonymous CynoSure Prime ‘cracktivists” is back and reversed 320 million hashed passwords dumped to the popular researcher Troy Hunt. Two years ago the CynoSure Prime group reversed hashes of 11 million lea
Publish At:2017-09-04 13:00 | Read:3034 | Comments:0 | Tags:Breaking News Data Breach Hacking authentication cracking pa

Poor Management of Security Certificates and Keys Leads to Preventable Outages

Digital security certificates have become a vital part of online communications. Combining cryptography with a standardized format, they have grown from simple assertions of identity to full authentication methods. But as important as they have become, security certificates remain fallible. More Certificates, More Problems According to a Venafi study, 79 pe
Publish At:2017-09-01 10:00 | Read:2246 | Comments:0 | Tags:Risk Management Authentication Browser Security Business Con

PostgreSQL issues three security patches, apply them asap

PostgreSQL has issued three security patches for 9.6.4, 9.5.8, 9.4.13, 9.3.18, and 9.2.22 versions. Update them as soon as possible. PostgreSQL has issued three security patches for 9.6.4, 9.5.8, 9.4.13, 9.3.18, and 9.2.22 versions. “The PostgreSQL Global Development Group is pleased to announce the availability of PostgreSQL 10 Beta 3 and updates to a
Publish At:2017-08-14 18:00 | Read:1960 | Comments:0 | Tags:Breaking News Hacking authentication DBMS PostgreSQL

The Untapped Potential of Two-Factor Authentication

Remote authentication traditionally depends on two factors: something the user knows, such as a password, and something the user has, such as a hardware token. This is called two-factor authentication (2FA). In practice, something that the entity knows typically serves as the primary method of authentication. Passwords have long reigned supreme because the
Publish At:2017-08-09 10:45 | Read:2675 | Comments:0 | Tags:Identity & Access Access Management Authentication Authentic

Ransomware, Trojans and Fraud, Oh My! Tracking Recent Cybercrime Trends and Patterns

Throughout the years, banks have expanded their services by offering an ever-evolving set of online capabilities. As a result, financial institutions have become an obvious target for cybercrime and have been quick to deploy various layers of protection to keep their customers safe. Cybercriminals are looking for online money to grab as a day job. Many opera
Publish At:2017-08-07 21:55 | Read:2908 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Authentication

IBM Scores a Strong Performer Placement in Risk-Based Authentication Wave

We are proud to announce that Forrester named IBM a Strong Performer in its new report, “The Forrester Wave: Risk-Based Authentication, Q3 2017.” This is the first update to the Forrester Wave for Risk-Based Authentication (RBA) since Q1 2012, and IBM’s first time participating in the report as one of the eight most “significant provi
Publish At:2017-08-03 06:56 | Read:2882 | Comments:0 | Tags:Identity & Access Authentication Authentication Software For

The Evolution of Digital Certificates

In the early days of the internet, one of the first functional problems users faced was how to verify that entities on the other end of a connection were who they said they were. At first, the nebulous nature of online transactions inhibited e-commerce, since buyers feared that their payment information might be hijacked. This lack of trust precipitated the
Publish At:2017-07-25 11:50 | Read:2569 | Comments:0 | Tags:Fraud Protection Identity & Access Authentication Certificat


Share high-quality web security related articles with you:)


Tag Cloud