Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords Juniper Networks is warning that Session Smart Router (SSR) products with default passwords are being targeted as part of a malicious campaign that deploys the Mirai botnet malware. The company said it’s issuing the advisory after “several customers” reported Read more…
Colorado scrambles to change voting-system passwords after accidental leak The department also cited “strict chain of custody requirements that track when a voting systems component has been accessed and by whom,” and it said that each “Colorado voter votes on a paper ballot, which is then audited during the Risk Read more…
The Crusade to Replace Passwords With Passkeys Just Intensified A global tech industry group devoted to ending the internet’s dependence on passwords has released a set of resources that it hopes will usher in a new paradigm for how we sign in to things online. The Fast Identity Online (FIDO) Read more…
Webinar on MFA, Passwords, and the Shift to Passwordless Oct 07, 2024The Hacker NewsPassword Security / Data Security The interest in passwordless authentication has increased due to the rise of hybrid work environments and widespread digitization. This has led to a greater need for reliable data security and user-friendly interfaces. Read more…
Why ‘Never Expire’ Passwords Can Be a Risky Decision Sep 23, 2024The Hacker NewsPassword Management / Data Breach Password resets can be frustrating for end users. Nobody likes being interrupted by the ‘time to change your password’ notification – and they like it even less when the new passwords they Read more…
Meta Fined €91 Million for Storing Millions of Facebook and Instagram Passwords in Plaintext Sep 30, 2024Ravie LakshmananGDPR / Data Privacy The Irish Data Protection Commission (DPC) has fined Meta €91 million ($101.56 million) as part of a probe into a security lapse in March 2019, when the company disclosed Read more…
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024 The U.K. National Cyber Security Centre (NCSC) is calling on manufacturers of smart devices to comply with new legislation that prohibits them from using default passwords, effective April 29, 2024. “The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI Read more…
Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords Jan 29, 2024NewsroomVulnerability / NTML Security A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked as CVE-2023-35636 (CVSS Read more…
CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats Dec 18, 2023NewsroomSoftware Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems altogether, citing severe risks that could be exploited by malicious actors to gain initial Read more…