Flipboard, a news aggregator service and mobile news app, notified users this week of a security incident during which hackers had access to internal systems for more than nine months. From a report: In a series of emails seen by ZDNet that the company sent out to impacted users, Flipboard said hackers gained access to databases the company was using to…
Tag: password
Millions of Golfers Land In Privacy Hazard After Cloud Misconfig
Millions of golfer records from the Game Golf app, including GPS details from courses played, usernames and passwords, and even Facebook login data, were all exposed for anyone with an internet browser to see — a veritable hole-in-one for a cyberattacker looking to build profiles for potential victims, to be used in follow-on social-engineering attacks. Threatpost reports: Security Discovery researcher Bob…
New John the Ripper Cracks Passwords On FPGAs
Long-time Slashdot reader solardiz has long bring an advocate for bringing security to open environments. Wednesday he contacted Slashdot to share this update about a piece of software he’s authored called John the Ripper: John the Ripper is the oldest still evolving password cracker program (and Open Source project), first released in 1996. John the Ripper 1.9.0-jumbo-1, which has just been…
Microsoft Moves Windows 10 Closer To A Future Without Passwords
“Microsoft has very quietly confirmed the death of Windows 10 passwords this week,” claims Forbes — though I think they may be overstating things a bit:
Microsoft’s crypto, identity and authentication team group manager, Yogesh Mehta, has made an announcement that he says puts “the 800 million people who use Windows 10 one step closer to a world without passwords….” Mehta confirmed…
ASU’s Dr. Partha Dasgupta on the Biggest Stories in Cryptography
Cryptography is an essential practice for our data-driven world. In this Q&A, Dr. Partha Dasgupta, an Associate Professor at Arizona State University (ASU) with experience at DARPA, shares some of his insights on the state of cryptography. For computer science students, the ASU Online Master of Computer Science (MCS) degree is an opportunity to learn […]
The post ASU’s Dr. Partha Dasgupta…
When can we finally get rid of passwords?
Source: https://www.theverge.com/2019/4/24/18514225/passwords-fido2-authentication-webauthn-security-key-cybersecurity-online-browser-web…
How to enable SSH access using a GPG key for authentication
Many of us are familiar with Secure Shell (SSH), which allows us to connect to other systems using a key instead of a password. This guide will explain how to eliminate SSH keys and use a GNU Privacy Guard (GPG) subkey instead.
read more Source: https://opensource.com/article/19/4/gpg-subkeys-ssh…
Edward Snowden: Assange’s Arrest and the Mueller Report Show a ‘Two-Tiered System of Justice’
In this week’s CYBER podcast, we sat down with Edward Snowden to talk about his life in Russia, Julian Assange, and press freedom.Source: https://motherboard.vice.com/en_us/article/597pvk/edward-snowden-assange-arrest-mueller-report…
More Than 23 Million People Use the Password ‘123456’
Bearhouse shares a new study from the UK’s “National Cyber Security Centre,” which advises the public on computer security, about the world’s most-frequently cracked passwords. It’s probably no surprise to the Slashdot readership: people use bad passwords. A recent study of publicly-available “hacked” accounts — by the UK National Cyber Security Centre — reveals “123456” was top, followed by the much…
Source Code of Iranian Cyber-Espionage Tools Leaked on Telegram
In an incident reminiscent of the Shadow Brokers leak that exposed the NSA’s hacking tools, someone has now published similar hacking tools belonging to one of Iran’s elite cyber-espionage units, known as APT34, Oilrig, or HelixKitten. From a report: The hacking tools are nowhere near as sophisticated as the NSA tools leaked in 2017, but they are dangerous nevertheless. The tools…