Dropbox adds U2F support for better security
Two-factor authentication is often held up as a best practice for security in the online world, but Dropbox on Wednesday announced a new feature that's designed to make it even tougher.
Two-factor authentication is often held up as a best practice for security in the online world, but Dropbox on Wednesday announced a new feature that's designed to make it even tougher.
Oracle's CSO thinks customers who reverse-engineer its code in attempts to find bugs should cut it out because they're not finding much worth acting on and, more importantly, they're violating their licensing agreements.
An attack using the SMB file sharing protocol that has been believed to work only within local area networks for over a decade can also be executed over the Internet, two researchers showed at the Black Hat security conference.
File synchronization services, used to accommodate roaming employees inside organizations, can also be a weak point that attackers could exploit to remain undetected inside compromised networks.
RFID card access systems are used by most companies to let people into their buildings. But over the last few years, researchers have shown how these systems can be easily bypassed.
Startup FinalCode secures files so permissions that protect them follow them around even when they are accessed outside secured networks.
A bug in OpenSSH, the most popular software for secure remote access to UNIX-based systems, could allow attackers to bypass authentication retry restrictions and execute many password guesses.
Cisco Systems recently realized that its Unified Communications Domain Manager (Unified CDM) software contains a default privileged account with a static password that cannot be changed, exposing the platform to hacking by remote attackers.
VMware is hoping to convince CIOs to centralize single sign-on access to all kinds of apps with Identity Manager, which can run in the cloud or on-site and also offers application provisioning and a self-service catalog.
The data breach landscape could look very different in the future with the increased adoption of chip-enabled payment cards in North America -- but for now point-of-sale systems account for the majority of breaches there, compared to a tiny minority in other regions of the world.
A new malware program designed to steal payment card details from point-of-sale (PoS) systems is targeting businesses using Oracle Micros products.
Owners of fixed-code garage door openers might want to consider upgrading them because a researcher has developed a technique that guesses the numbers in seconds.
A number of high-profile source-code repositories hosted on GitHub could have been modified using weak SSH authentication keys, a security researcher has warned.
Cybercriminals have developed a Web-based attack tool to hijack routers on a large scale when users visit compromised websites or view malicious advertisements in their browsers.
Password managers are a great way to supply random, unique passwords to a high number of websites. But most still have an Achilles' heel: Usually, a single master password unlocks the entire vault.