Passwords | The Security Ledger

Tag: passwords

You’re Invited: A Conversation on Password Security and Targeted Attacks

September 23, 2014 by Paul Comments are Disabled

A note to Security Ledger readers that I’ll be facilitating a really interesting conversation this afternoon on password (in)security and how weak user authentication can undermine even the best laid security plans. The SANS Webinar, Security for the People: End User Authentication Security on the Internet” kicks off at 3:00 PM Eastern today (12:00 PM Pacific). You can register to join us using this link. My guest is DUO Security researcher Mark Stanislav, a frequent Security Ledger contributor and one of the smartest guys out there when it comes to passwords, authentication and securing the Internet of Things. There’s plenty to talk about: weak authentication schemes are the root cause of any number of prominent breaches – from the recent attacks the Apple iCloud accounts of A-list celebrities, to the breach at retailer Target (reportedly the result of a phishing attack on an HVAC contractor that Target used.) Mark and I […]

Continue Reading →

CNN App Leaks Passwords Of Citizen Reporters

July 22, 2014 by Paul 1 comment

As camera-equipped mobile phones have proliferated in recent years, CNN pioneered the crowd sourcing of news with its highly successful and much-imitated iReport program. But aspiring iReporters would do well to hold off submitting their stories using CNN’s mobile application for the iPhone – at least for a few days. According to a report from the security firm zScaler, the CNN App for iPhone fails a basic security test: failing to encrypt traffic sent to and from the application, including a user’s login and password. The flaw, which was only found in the CNN App for iPhone, could allow an iReporter’s account to be compromised, giving strangers access to any stories they have submitted to the news network. CNN senior director of public relations Matt Dornic acknowledged the flaws and said that CNN has updated the application and will be submitting it to Apple as soon as possible. According to a […]

Continue Reading →

Tag: passwords

CNN App Leaks Passwords Of Citizen Reporters

A word from our sponsors:

Sign up for The Daily Ledger

Voted a Top 100 Infosec Blog

Thank Our Sponsors!

Reader Comments

Tweets from @securityledger

Podcasts

The Big Dark: Motive, not Means, is what holds back a Crippling Grid Hack

Podcast: Michael Daniel on Cyber Diplomacy in the Age of Trump

Podcast: The Internet of Things’ Entropy Problem and why it matters

A New Great Game: Russia, China, North Korea heighten Cyber Risk

Podcast – Smart Vehicle Security: A Report from the Lab

Videos

Tag: passwords

You’re Invited: A Conversation on Password Security and Targeted Attacks

Share this:

CNN App Leaks Passwords Of Citizen Reporters

Share this:

A word from our sponsors:

Sign up for The Daily Ledger

Voted a Top 100 Infosec Blog

Thank Our Sponsors!

Reader Comments

Tweets from @securityledger

Podcasts

The Big Dark: Motive, not Means, is what holds back a Crippling Grid Hack

Podcast: Michael Daniel on Cyber Diplomacy in the Age of Trump

Podcast: The Internet of Things’ Entropy Problem and why it matters

A New Great Game: Russia, China, North Korea heighten Cyber Risk

Podcast – Smart Vehicle Security: A Report from the Lab

Videos