Key findings of a new study conducted by Keeper Security that analyzed 10 million hacked accounts from breached data dumps for the most popular passwords. Users’ bad habits are still one of the biggest problems for the IT industry, weak passwords and their reuse on multiple websites every day potentially expose a billion users to cyber […]
The CVE-2016-4484 vulnerability can be exploited to gain a Linux Root shell by simply pressing the Enter Key for 70 Seconds. It could be quite easy to bypass the authentication procedures on some Linux systems just by holding down the Enter key for around 70 seconds. In this way, it is possible to open a shell […]
Security researchers demonstrated that a Wrong oAuth 2.0 implementation allows a remote simple hack that exposes more than 1 Billion Android App Accounts. A remote simple hack devised by a group of security researchers threatens an amazing number of Android and iOS apps. An attacker can use the technique to sign into any victim’s mobile […]
Experts discovered a new variant of the Android Acecard banking trojan that asks victims to take a selfie while they are holding an ID card. The inventiveness of the criminals is a never ending pit. Recently, a number of organizations announced a new authentication method based on the selfies. For example, HSBC customers can open […]
Google announced a change to its security policy to increase the account security that includes the OAuth 2.0 token revocation upon password reset. Google has finally announced a new OAuth 2.0 token revocation according to its security policy, the company will roll out the change starting on Oct. 5. The change to the Google security policy […]
The Norwegian company warned the users that the Opera Sync service of a possible security breach that might have exposed their data. On Friday, Opera, published a security alert to warn its users that the Opera Sync service might have been breached. In response to the alleged incident, Opera forced a password reset for all Sync […]
Google has launched a new Google API working together with Dashlane, to stop using passwords for Android users and improving the user experience. It is true that Android security apps work wonder and also Google has been trying to use fewer passwords or none whatsoever, making it harder for someone to penetrate the privacy of its users. […]
QRLJacking is an attack technique devised by a cyber security researcher to Hijack bypass QR Code Based Quick Login System. Many desktop applications such as Line, WeChat, and WhatsApp allow users to authenticate themself with the Secure Quick Response Login method that relies on QR-code. The QR-code-based authentication system allows users to quickly access a website […]
EMC Data Domain OS and VMware NSX and vRealize are affected by security issues that could be exploited to gain unauthorized access to data. Both EMC and VMware are affected by security issues that could allow unauthorized access to attackers. An information disclosure vulnerability in the EMC Data Domain OS could potentially be exploited by malicious users […]
Daniel Kaufman announced that Google is planning to make password identifications outmoded by 2017 and replace them with trust scores. Google wants to replace traditional passwords on Android with “trust scores,” and it is planning to do it by 2017. The announcement was officialized at the Google I/O conference, the IT giant intends to use Google’s Trust API technology developed by […]