password

(get it in RSS or Atom)

Patching XP, Flappy Bird malware, Tesco passwords leaked - 60 Sec Security [VIDEO]

2014-02-15-really-250

Did you really think XP would go patch-free? Is Flappy Bird really dead? Did you really use the same password on more than one site?

60 Sec Security - 15 Feb 2014

The Spampionship, the PWN2OWN unicorn, and how Target was breached - 60 Sec Security [VIDEO]

2014-02-08-unicorn-250

Where do you find Extreme Spammers? Can you find the exploit unicorn? And how did Target get breached?

Find out in 60 Sec Security for 08 Feb 2014...

SSCC 132 - More breaches, treacherous gas pumps, poor passwords and Data Privacy Day [PODCAST]

sscc-132-thumb-250

This week's Chet Chat starts out with credit card breaches, covers the issue of whether you really need good passwords everywhere, and ends with an upbeat and encouraging conclusion...

Listen and learn more!

Leaks in logfiles, malware on Macs and Korean credit compromise - 60 Sec Security [VIDEO]

2014-01-25-mac-malware-250

Leaky logic leaves logins loose in logfiles; mendacious mails menace Macs with Mavericks malware, and criminal contractor compromises Korean credit company!

60 Sec Security - 25 Jan 2014...

Are our passwords really that bad? And does it really matter?

Are our passwords really that bad? And does it really matter?

It's that time of year again. A new "Worst Password" list has been published for the password-savvy population's enjoyment. As much as we like to chuckle/groan at this list, is there ever a justification for a bad password?

OpenSSL website defacement - it wasn't a HYPERVISOR HACK after all

ossl-250

OpenSSL, the widely-used open source cryptographic library, had its website defaced.

Early stories may have told you that it was a "hypervisor hack," which sounds like serious trouble, but it wasn't...

Microsoft joins tech giants and FIDO in the fight for simpler, safer authentication

Microsoft joins tech giants and FIDO in the fight for simpler, safer authentication

Microsoft joins Google, PayPal, Lenovo and other tech giants as a member of the FIDO (Fast IDentity Online) Alliance, a non-profit group working to design better and more standardised methods of checking identity across the internet.

D-Link patches "Joel's Backdoor" security hole in its SoHo routers

dl-524-250

About six weeks ago we wrote about an amusingly alarming security hole in various D-Link routers.

D-Link has now come out with a firmware fix - don't forget to update if you're on the affected list...

LG TVs grab data, GitHub attacked, vBulletin breached - 60 Sec Security [VIDEO]

2013-11-23-sneaky-tv-250

How honest is your TV? Why do crooks like source code hacks? Should you brag when you publish a breach notification?

Find out now in 60 Second Security.

Loyaltybuild, Amazon, Facebook and Mavis Batey MBE - 60 Sec Security [VIDEO]

Why shouldn't you store unencrypted credit card numbers? How can you squeeze a positive result from a password breach? What sort of pressure was on the cryptanalysts at Bletchley Park?

Find out the answers in just one minute!

Facebook locks users in a closet for using same passwords/emails on Adobe

Facebook locks users in a closet for using same passwords/emails on Adobe

Blessed be Facebook for using this real-world example to 100% back up Naked Security when we proselytize about the evils of password reuse. And if you're worried that Facebook's mining of breached Adobe customer records and quarantining of users is Big Brother-ish, fear not: the company didn't have to store passwords in clear text or pull any other boneheaded security move to know just what its customers' reused passwords are.

NSA, Apple, Facebook and Adobe - 60 Sec Security [VIDEO]

2013-11-02-giraffes-250

A touch of fun but with a serious side - and only a minute to watch it.

Give our weekly "60 Second Security" video a whirl today...

Lessons to learn from the MongoHQ database breach

mongo-hq-250

Cloud-based database services company MongoHQ is in "we'd better fix things" mode this week, following a network intrusion that proves the old adage that once you've been breached, all security bets are off.

Facebook privacy, Google ads, D-Link security, CryptoLocker ransom - 60 Sec Security [VIDEO]

2013-10-19-cryptolock-250

What leaves your computer standing but your data in ruins? Should Facebook teenagers be able to message the world? How can you stop Google using your photo in ads?

Find out in this week's Sophos 60 Second Security!

D-Link router flaw lets anyone login through "Joel's Backdoor"

dl-524-250

Embedded systems hackers play around with devices like home routers and set-top boxes, to see what their proprietary hardware and firmware might reveal.

See what they just found in a range of D-Link routers - you'll want to laugh, though it's not really funny.

Google coding glitch locks Apple iOS users out of on-line accounts

ga-logo-250

Google has once again found itself all over the IT news for a spot of bother with its security software.

A recent Google Authenticator update accidentally removed all your accounts...

League of Legends hacked, salted passwords and credit card numbers stolen

League of Legends hacked, salted credit card numbers stolen

Riot Games has confirmed that real names, usernames, email addresses and salted password hashes have been stolen in a recent security breach of its League of Legends real-time strategy game.

Anatomy of a brute force attack - how important is password complexity?

alpha-250

Is eight characters enough for a password?

If not, what about nine?

Just when you thought it was safe to go back in the water (closet)!

loos-250

So many vulnerabilities are doom-and-gloom that you'd be forgiven for wondering if there are ever any at which you are allowed an uncomplicated chuckle.

The guys at Trustwave found one!

Lakeland hacked and passwords reset, customers advised to change passwords elsewhere

Lakeland hacked and passwords reset, customers advised to change passwords elsewhere

Lakeland has suffered a "sophisticated and sustained" attack in which two encrypted databases were accessed. It says it's found no evidence that data was stolen but has reset customers' passwords to be on the safe side.