Access Control

Access Control news, information, and how-to advice

The best way to protect passwords may be creating fake ones

Research project NoCrack creates plausible decoy password vaults to confuse attackers

Researchers: IoT devices are not designed with security in mind

Lack of encryption and other security issues were found in home automation hubs that could facilitate burglary, stalking, and spying


This tool can alert you about evil twin access points in the area

EvilAP_Defender can even attack rogue Wi-Fi access points for you, the developer says

Google gives Apps admins more control over their files and docs

One of the new features allows IT pros to disable the ability to print, donwload, and copy certain files

Dangerous IE vulnerability opens door to powerful phishing attacks

The flaw can be used to steal authentication cookies and inject rogue code into websites

A look at the FBI’s big, bad identification system

Next Generation Identification uses a variety of high-tech tools and algorithms to deal with criminal behavior

SDS still young, but very much on the rise

Offering increased protection and a simplified approach, software-defined security is shaping up to be the next big thing in IT security

Fear the golden ticket attack!

Be afraid of the golden ticket attack -- if malicious hackers can create the tickets, they can wreak whatever havoc they please

IBM buys access control and identity management firm CrossIdeas

With CrossIdeas, IBM is gaining auditing tools for policing segregation-of-duties violations across disparate systems

The 12 biggest, baddest, boldest software backdoors of all time

These 12 historically insidious backdoors will have you wondering what's in your software -- and who can control it

You want to know who has access to what? Good luck

Access control sounds simple, until you try to tease out rights and permissions for every user in your environment

How to benefit from the identity data explosion

Everyone wants to avoid being the next Target. Brian Milas, CTO at Courion, explains how to use the rich data generated by identity and access control solutions to reduce risk

Target attack shows danger of remotely accessible HVAC systems

Qualys says about 55,000 Internet-connected heating systems, including one at the Sochi Olympic arena, lack adequate security

Book smart, security stupid: Rogue professors flunk Security 101

Two academics betray highly ill-advised security practices when using the university's computer network

EMC's Syncplicity service tightens controls on shared files

Data now can be made unavailable even when it's stored offline, EMC says

Alcatel-Lucent challenges Cisco, Brocade unified access

Alcatel-Lucent offers enterprises free switch upgrade that converges wired Ethernet networks with wireless BYOD management from Aruba

'Jump boxes' improve security, if you set them up right

It's a good idea to set up an ultrasecure computer as a bridge to log on to other PCs, but serious protections must be in place

Cisco patches vulnerabilities in some security appliances, switches, and routers

If left unpatched, the vulnerabilities could enable denial-of-service, command execution, or authentication bypass attacks

Cisco fixes critical remote command execution vulnerability in Secure Access Control Server

The vulnerability could allow remote, unauthenticated attackers to take control of the underlying operating system, the company said

Those 'invisible' servers could open your network to hackers

Slew of vulnerabilities in IPMI standard for disaster-recovery access leaves unpatched implementations at severe risk

Load More