Linux Back Door Uses Covert Communication Protocol

Wednesday, November 13th, 2013

In May of this year, sophisticated attackers breached a large Internet hosting provider and gained access to internal administrative systems. The attackers appear to have been after customer record information such as usernames, emails, and passwords. While these internal administrative systems had access to customer records, discovery of the attack ...

Instagram Users Compromise Their Own Accounts for Likes

Tuesday, November 12th, 2013

Symantec Security Response has discovered many Instagram users have willingly shared their usernames and passwords to a bot-like app in order to increase likes and followers. The application known as InstLike was available for iOS and Android devices. It could be found in both Apple App Store and Google Play Store. ...

Researcher Uncovers Backdoor Vulnerability in D-Link Routers

Monday, October 14th, 2013

A security researcher this weekend discovered a backdoor vulnerability with certain D-Link routers that might allow cyber criminals to alter a router's setting without a username or password. In a note on its website, D-Link said it is "proactively working with the sources of these reports as well as continuing to review ...

How the Bible and YouTube are fueling the next frontier of password cracking

Wednesday, October 9th, 2013

Early last year, password security researcher Kevin Young was hitting a brick wall. Over the previous few weeks, he made steady progress decoding cryptographically protected password data leaked from the then-recent hack of intelligence firm Stratfor. But with about 60 percent of the more than 860,000 password hashes cracked, his attempts ...

Secure QR Login (SQRL)

Thursday, October 3rd, 2013

There's a new web authentication method being proposed by Steve Gibson over at grc.com and initially it looks really good and does seem to solve most, if not all, of the current security/privacy problems we have with traditional username/password authentication. In a nutshell, website login pages will display a QR code ...