Access Control

Access Control news, information, and how-to advice

partner and adapt

Bug exposes OpenSSH servers to brute-force password guessing attacks

The keyboard-interactive authentication setting could allow for thousands of password retries, a researcher found

hacker busted ts

How to stop the security breach tsunami

If you haven’t deployed a user-based analytics program, you are not doing all you can to catch data thieves and prevent security breaches

Microsoft gives Outlook for iOS, Android enhanced management features

The mobile email app will now allow sysadmins to control use of corporate data on mobile devices

haunted hallway ghost

Do departed employees haunt your networks?

Many companies have ghosts: employees who've gone on to a better place but are still wandering through company files, cloud services, and social media accounts

The best way to protect passwords may be creating fake ones

Research project NoCrack creates plausible decoy password vaults to confuse attackers

Researchers: IoT devices are not designed with security in mind

Lack of encryption and other security issues were found in home automation hubs that could facilitate burglary, stalking, and spying

This tool can alert you about evil twin access points in the area

EvilAP_Defender can even attack rogue Wi-Fi access points for you, the developer says

Google gives Apps admins more control over their files and docs

One of the new features allows IT pros to disable the ability to print, donwload, and copy certain files

Dangerous IE vulnerability opens door to powerful phishing attacks

The flaw can be used to steal authentication cookies and inject rogue code into websites

A look at the FBI’s big, bad identification system

Next Generation Identification uses a variety of high-tech tools and algorithms to deal with criminal behavior

SDS still young, but very much on the rise

Offering increased protection and a simplified approach, software-defined security is shaping up to be the next big thing in IT security

Fear the golden ticket attack!

Be afraid of the golden ticket attack -- if malicious hackers can create the tickets, they can wreak whatever havoc they please

IBM buys access control and identity management firm CrossIdeas

With CrossIdeas, IBM is gaining auditing tools for policing segregation-of-duties violations across disparate systems

The 12 biggest, baddest, boldest software backdoors of all time

These 12 historically insidious backdoors will have you wondering what's in your software -- and who can control it

You want to know who has access to what? Good luck

Access control sounds simple, until you try to tease out rights and permissions for every user in your environment

How to benefit from the identity data explosion

Everyone wants to avoid being the next Target. Brian Milas, CTO at Courion, explains how to use the rich data generated by identity and access control solutions to reduce risk

Target attack shows danger of remotely accessible HVAC systems

Qualys says about 55,000 Internet-connected heating systems, including one at the Sochi Olympic arena, lack adequate security

Book smart, security stupid: Rogue professors flunk Security 101

Two academics betray highly ill-advised security practices when using the university's computer network

Load More