Join Us On LinkedIn

David Garrett on why NIST’s “help” on how organizations should manage passwords is, surprisingly, useful.
LastPass, a company that offers users a way to centrally manage all of their passwords online with a single master password, disclosed Monday that intruders had broken into its databases and made off with user email addresses and password reminders, among other data. via Password Manager LastPass Warns of Breach — Krebs on Security
Firefox maker Mozilla has admitted it accidentally exposed the email addresses of almost 80,000 members of its Developer Network, along with thousands of encrypted passwords. via Infosecurity – Mozilla Fesses up to Accidental Data Breach — Infosecurity
The password is dead. That’s the message from John Proctor, Microsoft’s vice president of global cybersecurity, who wrote a blog post on the subject this week. via Microsoft cybersecurity exec declares the password dead – Dallas Business Journal
AOL has asked millions of users to change their passwords and security questions after confirming a cyber attack affecting a small portion of its users. AOL released a statement Monday that said the breach “involved unauthorized access to AOL’s network and systems,” giving the hackers access to mail addresses, postal addresses, address book contact information, […]
Security researchers say the threat, known as Heartbleed, is serious, partly because it remained undiscovered for more two years. Attackers can exploit the vulnerability without leaving any trace, so anything sent during that time has potentially been compromised. It’s not known, though, whether anyone has actually used it to conduct an attack. Researchers are advising […]