A company that makes password recovery tools has released one that can snatch passwords from a locked or sleeping Macintosh running Mac OS X Lion by plugging another computer into the Mac's FireWire port. The attack technique is several years old and the only way to defend against it is to turn the Mac off.
T-Mobile is hoping to make it easier for businesses to use Android phones by reselling secure e-mail services from Good Technology.
As the phone hacking saga continues to grip the U.K., mobile operators contend that spying on someone's voicemail messages wouldn't be possible today as several weaknesses in the systems have been eliminated.
The computer hacking group LulzSec said Saturday it had ended its campaign of cyberassaults on government and corporate websites and that it was time for it to "sail into the distance."
Online storage service Dropbox accidentally turned off password authentication for its 25 million users for four hours on Monday -- although "much less than 1 percent" of those accounts were accessed during the period, the company said. It is still investigating whether any of those accounts were improperly accessed.
Israel is setting up a national task force to expand the state's ability to defend vital infrastructure networks from cyberterrorist attacks by foreign countries and terrorist elements, according to a <a href="http://www.pmo.gov.il/PMOEng/Communication/EventsDiary/eventcyber180511.htm">report on Wednesday</a> by the country's prime minister's office.
To help its hundreds of millions of users prevent unauthorized access to their accounts, Facebook has added an optional verification step to its log-in process.
The U.S. government will coordinate private-sector efforts to create trusted identification systems for the Internet, with the goal of giving consumers and businesses multiple options for authenticating identity online, according to a plan released by President Barack Obama's administration.
This week I found out that my company is developing software in-house. Until now I hadn't known that we were a software development shop, but I guess I shouldn't be surprised. Most companies that I've been with have developed their own software for one purpose or another. I only learned about this software development project when one of the programmers approached me to ask about the best way to store usernames and passwords in the application's database. Yes, that's right -- they built the authentication right inside the application, instead of calling out to an external authentication source.
The European Commission, including the body's diplomatic arm, has been hit by what officials said Thursday was a serious cyberattack.
The intrusion by hackers of security giant RSA, a unit of EMC, has left customers and analysts wondering if it is still safe to use millions of the one-time passcode tokens used to log into enterprise IT systems.
With the rising awareness and concern over the stealing of passwords and other sensitive data from unsecured Wi-Fi networks, Twitter is the latest online services company to boost its use of encrypted website connections.
In the last three months of 2010 attackers managed to serve 3 million malicious advertising, or malvertising, impressions every day. That's the headline figure from a report released today from Web security firm Dasient. According to Dasient, that's a 100 percent increase from the preceding quarter.
IT staff spent the weekend in a massive clean-up operation to remove traces of a "spectacular" attack on computers at Bercy, the headquarters of the French Ministry of Economy, Finances and Industry, a government minister said Monday.
In theory, stopping spam is easy: just make it uneconomic to send millions of messages by charging for each one sent, or make senders authenticate their identity to stop address spoofing and simplify blocking.