Researcher Uncovers Backdoor Vulnerability in D-Link Routers

Monday, October 14th, 2013

A security researcher this weekend discovered a backdoor vulnerability with certain D-Link routers that might allow cyber criminals to alter a router's setting without a username or password. In a note on its website, D-Link said it is "proactively working with the sources of these reports as well as continuing to review ...

How the Bible and YouTube are fueling the next frontier of password cracking

Wednesday, October 9th, 2013

Early last year, password security researcher Kevin Young was hitting a brick wall. Over the previous few weeks, he made steady progress decoding cryptographically protected password data leaked from the then-recent hack of intelligence firm Stratfor. But with about 60 percent of the more than 860,000 password hashes cracked, his attempts ...

Secure QR Login (SQRL)

Thursday, October 3rd, 2013

There's a new web authentication method being proposed by Steve Gibson over at grc.com and initially it looks really good and does seem to solve most, if not all, of the current security/privacy problems we have with traditional username/password authentication. In a nutshell, website login pages will display a QR code ...

Critical Internet Explorer exploit code released in the wild

Tuesday, October 1st, 2013

Attack code that exploits a critical vulnerability in all supported versions of Microsoft's Internet Explorer browser has been publicly released. Monday's release of a module for the Metasploit exploit framework used by security professionals and hackers could broaden the base of attackers who are capable of targeting the flaw. Until now, the bug ...

LastPass and the NSA Controversy

Tuesday, September 10th, 2013

With news that the United States National Security Agency has deliberately inserted weaknesses into security products and attempted to modify NIST standards, questions have been raised about how these actions affect LastPass and our customers. We want to directly address whether LastPass has been or could be weakened, and whether our users’ ...