credentials – Page 38 – WindowsTechs.com

Inside look at lifecycle of stolen credentials and extent of data breach damage

Posted on July 19, 2018 by Help Net Security

Shape Security released its Credential Spill Report, shedding light on the extent to which the consumer banking, retail, airline and hospitality industries are impacted by credential stuffing attacks and account takeover. The report analyzes attacks th… Continue reading Inside look at lifecycle of stolen credentials and extent of data breach damage→

Why would a password reset method be like this? Is it especially safe?

Posted on July 16, 2018 by user182259

The library of the Technical University in my city (Europe) has a password reset system which I did not encounter anywhere else.

Students have to go to some office inside the university to get a new password; external users … Continue reading Why would a password reset method be like this? Is it especially safe?→

Recent ESLint hack or how can we protect ourselves from installing malicious npm packages?

Posted on July 13, 2018 by alecxe

Recently, eslint-scope and eslint-config-eslint packages were hacked in an interesting way – one of the maintainer’s account was compromised by an attacker and a new “patch” version with the malicious code was published to th… Continue reading Recent ESLint hack or how can we protect ourselves from installing malicious npm packages?→

Should I hash my refresh tokens before storing them in the server’s database? [duplicate]

Posted on July 9, 2018 by MrMage

This question already has an answer here:

What kind of hashing to use for storing REST API tokens in the database?

1 answer

… Continue reading Should I hash my refresh tokens before storing them in the server’s database? [duplicate]→

Do I need to encrypt connections inside a corporate network?

Posted on June 21, 2018 by Rbjz

Provided that I have a decent level of physical security in the office, I monitor the physical addresses of devices connected to the network and only give VPN access to trusted parties, do I need to encrypt access to intranet… Continue reading Do I need to encrypt connections inside a corporate network?→

How to protect our server from brute force attack? [on hold]

Posted on June 13, 2018 by Ihebhamad

One of the most common cyber attack is Bruteforce , what are the mechanisms available to protect this attack and how industry apply these mechanisms to mitigate the attacks (best practices)?

Continue reading How to protect our server from brute force attack? [on hold]→

A Proposed Solution to the Password Reuse Problem

Posted on June 13, 2018 by Kacy Zurkus

A group of researchers proposed a new framework that would enable web services to share users’ password hash data in an effort to reduce password reuse.

The post A Proposed Solution to the Password Reuse Problem appeared first on Security Intelligence.

Continue reading A Proposed Solution to the Password Reuse Problem→

E-Mail Web Client: How to handle credentials

Posted on June 10, 2018 by Dominik G

I am thinking about building an e-mail web client that I can run on my server as a side project. The server addresses should be configured on the server side.

Multiple Accounts should be able to access their emails through t… Continue reading E-Mail Web Client: How to handle credentials→

Oh the irony! When cybercriminals are rubbish at cybersecurity

Posted on June 7, 2018 by John E Dunn

The Owari DDoS botnet, built by knocking over weakly-secured Internet of Things (IoT) devices, has had a bad week. Continue reading Oh the irony! When cybercriminals are rubbish at cybersecurity→