Viewing posts tagged Authentication Attacks
flaw-in-mail-list-compromises-password-file
Posted by: admin 16 years, 5 months ago
There are a number of things that make passwords increasingly unusable. One of the biggest problems with passwords is that you're supposed to use different ones for different systems. It's a no-no to use the same password in multiple places because if one gets compromised, then the other systems are compromised.
comment-on-the-t-mobile-attack
Posted by: admin 16 years, 5 months ago
I'm sure everyone (in security) has seen the article at Security Focus about the T-Mobile attack and probably some of the great commentary about it, especially here.
I only have one comment: Everyone write your bank, cellular company, credit card company, utility companies and tell them that you want strong authentication and you want it now.
follow-up-on-t-mobile-security
Posted by: admin 16 years, 5 months ago
So this weekend, the blog started getting a ton of hits from google searches for "Paris Hitlon T-moble hacked SideKick" etc. I couldn't figure out why the big rush all the sudden until I read the Register this a.m..
could-two-factor-authentication-have-saved-7
Posted by: admin 16 years, 5 months ago
Well, it is hard to say since there is still debate about whether the alleged rouge trader worked alone, but there are reports that using two-factor authentication might have it harder for him to make fake trades that appeared to offset losses.
debian-cvs-server-compromised
Posted by: admin 16 years, 5 months ago
Hat tip to Chris Walsh at Emergent Chaos on the Debian server compromise. No information on wheter it was an authentication attack, like the last time in 2003.
Recent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)