More than 20 percent of companies do not lock out mobile users based on number of access attempts and more than 70 percent of companies do not require two-factor authentication for mobile devices, according to a survey of 447 IT decision-makers across industries by Champion Solutions Group for cloud-based document sharing service MessageOps.
Cable, IT, phone and Internet provider Comcast said it plans to reset about 200,000 customer accounts after the accounts' log-in and password combinations appeared on an underground marketplace over the weekend, reported ZDNet.
Android lock patterns, which Google introduced as an alternative to passwords, are not necessarily harder to guess or more secure than passwords.
The St. Louis Federal Reserve Bank has suffered a cyberattack in which its domain name servers were hijacked, security blogger Brian Krebs reported on Monday.
In a twist of irony, an initiative by Hilton Hotels & Resorts to prompt members to change the passwords of their account culminated in the discovery of a bug that could allow hackers to take over any number of accounts, if they knew the 9-digit number of a valid account.
The top news stories for Feb. 17, 2015.
It remains the conversation we're afraid to have: the one that leads us to the conclusion that the only way to secure our communications is with a system that reliably identifies us.
Cyberattackers are focusing on privileged accounts as their enterprise entry point for advanced persistent threat attacks, according to a study by CyberArk with participation by Cisco, Deloitte, Mandiant, RSA, and Verizon.
The "Masque" attack could replace legitimate iOS apps with malware-laden apps, resulting in possible theft of passwords, emails and other sensitive data, warns security firm FireEye.
Passwords have been declared dead for the past few decades. But with regard to the technology that should replace passwords, a lead Google security engineer is open to ideas.