Authentication, Hacking, InfoSec and Password Management

Authentication

Hacking

InfoSec

Password Management

Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass

Security Boulevard

FEBRUARY 5, 2023

The attacks on password managers and their users continue as Bitwarden and 1Password users have reported seeing paid ads for phishing sites in Google search results for the official login page of the password management vendors.

Password Management

Password Management Passwords Accountability Phishing

"Pwned", the Book, is Finally Here!

Troy Hunt

SEPTEMBER 8, 2022

Captivating stuff, apart from infosec, you really feel as though you’ve been taken on a journey with Troy through the years of living in paradise a.k.a. Great to see a book deliver this authenticity - we're all only human after all! I haven't been able to put the book down. This book has it all.

InfoSec

InfoSec Password Management Passwords IoT

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

OAuth: Your Guide to Industry Authorization and Authentication

eSecurity Planet

APRIL 20, 2021

Nearly a decade ago, the cyber industry was toiling over how to enable access for users between applications and grant access to specific information about the user for authentication and authorization purposes. and authentication-focused OpenID Connect (OIDC). Also Read: Passwordless Authentication 101. Manages permissions.

Authentication

Authentication Mobile Accountability Encryption

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

CISA adds Plex Media Server bug, exploited in LastPass attack, to Known Exploited Vulnerabilities Catalog

Security Affairs

MARCH 13, 2023

The three-year-old high-severity flaw is a deserialization of untrusted data in Plex Media Server on Windows, a remote, authenticated attacker can trigger it to execute arbitrary Python code. LastPass revealed that the home computer of one of its DevOp engineers was hacked as part of a sophisticated cyberattack. in May 2020.

Media

Media InfoSec Password Management Engineering

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

Troy Hunt

JANUARY 10, 2018

Which brings us back to Aadhaar and some rather unpleasant headlines of late, particularly the likes of The World's Largest Biometric ID System Keeps Getting Hacked. They claim that they're hack-proof. But claiming the service is "hack-proof", that's something I definitely have an issue with. Can you prove otherwise?

Hacking

Hacking Government Risk Encryption

Generated Passwords, UX and Security Absolutism

Troy Hunt

DECEMBER 10, 2019

The service was obviously rather popular because within days the tech (and mainstream) headlines were proclaiming that thousands of hacked Disney+ accounts were already for sale on hacking forums. There's a fundamental flaw in the logic which I summarised as follows: If the site generates a password, how do you store it?

Passwords

Passwords Password Management Accountability Authentication

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Shah provides her expertise in hacking, software development, and kernel development and advocates for open source initiatives. Lots of accounts including Bezos, Elon Musk, Joe Biden, Barack Obama, Bill Gates, Mr Beast, and a ton more getting hacked for a bitcoin scheme. — Dave Kennedy (@HackingDave) July 15, 2020.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Episode 145: Veracode CTO Chris Wysopal and Life After Passwords with Plurilock

The Security Ledger

MAY 8, 2019

Also: we continue our series on life after the password by speaking to Ian Paterson, the CEO of behavioral authentication vendor Plurilock. Also: we continue our series on life after the password by speaking to Ian Paterson, the CEO of behavioral authentication vendor Plurilock.

Passwords

Passwords Password Management Authentication InfoSec

SolarWinds blaming intern for leaked password is symptom of ‘security failures’

SC Magazine

MARCH 2, 2021

House Oversight and Homeland Security committees last week, SolarWinds’s former and current CEOs blamed an intern for creating a weak FTP server password and leaking it on GitHub – an act which may or may not have contributed to a supply chain hack that impacted users of the tech firm’s Orion IT performance monitoring platform.

Passwords

Passwords Password Management CISO InfoSec

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

I seem to be doing most of that activity now on Mastodon , which appears to have absorbed most of the infosec refugees from Twitter, and in any case is proving to be a far more useful, civil and constructive place to post such things. It emerges that email marketing giant Mailchimp got hacked. ” SEPTEMBER.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

Personal Cybersecurity Concerns for 2023

Security Through Education

JANUARY 18, 2023

Perhaps we thought, who would want to hack a completely unknow person like me? The Cybersecurity & Infrastructure Security Agency , lists the following 4 steps to protect yourself: Implement multi-factor authentication on your accounts and make it significantly less likely you’ll get hacked. Update your software.

Cybersecurity

Cybersecurity Social Engineering Scams IoT

Cyber Security Informer

Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass

"Pwned", the Book, is Finally Here!

Webinars

Trending Sources

OAuth: Your Guide to Industry Authorization and Authentication

Webinars

CISA adds Plex Media Server bug, exploited in LastPass attack, to Known Exploited Vulnerabilities Catalog

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

Generated Passwords, UX and Security Absolutism

Top Cybersecurity Accounts to Follow on Twitter

Episode 145: Veracode CTO Chris Wysopal and Life After Passwords with Plurilock

SolarWinds blaming intern for leaked password is symptom of ‘security failures’

Happy 13th Birthday, KrebsOnSecurity!

Personal Cybersecurity Concerns for 2023

Stay Connected