passwords

(get it in RSS or Atom)

LinkedIn settles class action suit over 2012 unsalted password leak

LinkedIn settles class action suit over 2012 unsalted password leak

LinkedIn is privately settling the 2012 unsalted password leak. Were you one of the 800,000 affected users? Here's what you need to know.

Hackers force closure of Canadian Bitcoin exchange Cavirtex

Broken Bitcoin. Image courtesy of Shutterstock.

Canada's largest Bitcoin exchange - Cavirtex - has announced its closure, saying the latest in a string of hacking attacks may have left hashed passwords and 2FA "secrets" compromised.

Twitter's new tool should stop password sharing and help fend off hijackings

Twitter. Image courtesy of Shutterstock / Twin Design.

The new tool, TweetDeck Teams, lets users share Twitter accounts without having to share passwords.

RBS and NatWest banks to use Apple's Touch ID fingerprint system for mobile login

Touch ID. Image courtesy of Shutterstock.

The Royal Bank of Scotland and NatWest have launched a new mobile banking service that allows Apple customers to authenticate via Apple's Touch ID.

Windows 10 will work with FIDO specs for password-free access, says Microsoft

Windows 10 logo

Microsoft has announced that its forthcoming revamp of Windows will be compliant with FIDO's current specifications for advanced authentication. Or has it?

SSCC 178 - Are we there yet? [PODCAST]

Here's the latest episode of our weekly security podcast.

Enjoy...and "Happy Holidays," whether you're away on vacation yourself, or a sysadmin enjoying the time when everyone else is on vacation!

Stratfor hacker Jeremy Hammond used his cat's name as a password

Convicted Stratfor cyber-attacker admits to egregious, cat-related password choice

Convicted Stratfor attacker, Jeremy Hammond, has revealed how he thinks the Feds managed to get together the evidence they needed to send him to prison. How? It's all down to his pet-related password.

Is your webcam or baby monitor video feed being streamed to this website?

Privacy-ignoring site streams from unsecured cameras in nurseries and bedrooms

A website is searching for and publishing streams from internet-enabled cameras secured only with default passwords. Make sure you're not one of them.

Facebook prowls the internet looking for your password

Facebook prowls the internet looking for your password

Facebook explains that it's keeping its eye out for credentials - email, password combinations - dropped on sites after data breaches, running them against its own users' credentials to see if password reuse is going to land its users in trouble.

Reminder: iCloud's going to demand app-specific passwords from third-party apps

icloud-app-2sv-250

Yes, your third-party calendar, mail and contacts apps that don't support Apple's new two-factor authentication system are going to turn 10 toes up on your iThings. You'll need app-specific passwords to get at the cloud data.

SSCC 165 - "U2 or not U2," that is the question [PODCAST]

It's Chet Chat time!

Here's this week's episode of our news-you-can-use security podcast...

How dare you use my camera! 60 Sec Security [VIDEO]

Here's this week's 60 Second Security.

A week of news distilled into a swift minute of amusing but informative video...

Thousands of computers open to eavesdropping and hijacking

Thousands of computers open to eavesdropping and hijacking

Many, many people and businesses are running a remote access tool, Virtual Network Computing, without a password. The tool lets people see everything we do online or reach through and take over our systems. The list of exposed sites is astonishing: everything from power stations to pharmacies to people watching porn.

The top 5 privacy failures - what's the most epic fail of all? [POLL]

Epic privacy fails

The list of culprits in our eroding privacy is long, but some privacy fails stand out above the rest. So we're calling out five privacy killers that deserve an extra level of shaming.

Take our poll, and help us crown the most epic privacy fail of all ...

The data breach apocalypse that wasn't - 60 Sec Security [VIDEO]

Malware, spam and hacking - and not all bad news, either!

Watch 60 Second Security for Aug 9, 2014...

SSCC 159 - What can we learn from the "honeybot"? [PODCAST]

For your listening pleasure!

Here's this week's episode of the Sophos Security Chet Chat podcast...

Mozilla database leaks 76,000 email addresses, 4,000 passwords

Mozilla database leaks 76,000 email addresses, 4,000 passwords

Email addresses and encrypted passwords of thousands of Mozilla developers were accidentally exposed for a month - and there are no guarantees that they were not snaffled up by those with ill intent.

Monday review - the hot 22 stories of the week

dow-250

Make sure you're up to date with everything we wrote in the last seven days - it's weekly roundup time.

How to burn a password into your brain

How to burn a password into your brain

It turns out that it can actually be surprisingly easy to train people to memorise a 56-bit password or passphrase, two researchers found.

World Cup security well executed if you don't count the Wi-Fi

Soccer250

The company providing security for one of the World Cup venues in Brazil accidentally posted a photo containing the secret Wi-Fi password. Does it really matter? Was it even a secret to begin with?