Identity Management

Identity Management news, solutions, and analysis for IT professionals

DoCoMo app shares SIM credentials with offline devices

Smartphones with new Qualcomm chipsets could send SIM subscriber identities to multiple offline devices

Flaw in popular Web analytics plug-in exposes WordPress sites to hacking

Attackers can easily crack cryptographic keys used by the WP-Slimstat plug-in and use them to read information from a site's database


Information disclosure flaw exposes Netgear wireless routers to attacks

The vulnerability allows attackers to extract admin passwords and wireless network keys

Personal weather stations can expose your Wi-Fi network

Netatmo weather stations upload Wi-Fi passwords and SSIDs to the company's servers over insecure connections

DDoS malware for Linux systems comes with sophisticated custom-built rootkit

XOR.DDoS is distributed through SSH brute-force password guessing attacks.

Siemens patches critical flaws in industrial wireless gear

The vulnerabilities allow attackers to take control of affected Ruggedcom WIN systems

Dangerous IE vulnerability opens door to powerful phishing attacks

The flaw can be used to steal authentication cookies and inject rogue code into websites

Cisco integration gives Samsung Knox users more options for secure connectivity

Under pressure from falling phone sales, Samsung continues to court CIOs

gas station

Thousands of U.S. gas stations exposed to Internet attacks

Over 5,000 tank gauges that are used to monitor fuel levels and potential spills are accessible from the Internet without a password.

Google publishes third Windows 0-day vulnerability in a month

Google is sticking to its 90-day disclosure deadline, despite criticism by Microsoft

Exploit allows Asus routers to be hacked from local network

Users should install firmware updates as soon as they become available and should block untrusted devices on their networks

Apple blocks tool that brute-forces iCloud passwords

The tool allowed attackers to try a large number of passwords for Apple ID accounts

Moonpig jeopardizes data of millions of customers through insecure API

The company failed to fix a security flaw reported over a year ago, a developer said

Free tool automates phishing attacks for Wi-Fi passwords

The tool can disconnect Wi-Fi users and trick them into disclosing their access password to a rogue access point

New lie detector relies on full-body suit for better accuracy

Suits normally used by 3D graphics animators could help law enforcement spot lies

Two-factor authentication oversight led to JPMorgan breach, investigators reportedly found

The attackers stole an employee's access credentials and used them to access a server that lacked a stronger authentication mechanism

grinch 620x465

The 'grinch' isn't a Linux vulnerability, Red Hat says

The way Linux handles user permissions could still lead to potential misuse, security researchers say.

Vulnerability in embedded Web server exposes millions of routers to hacking

Attackers can take control of millions of routers by sending a specially crafted request to RomPager, an embedded Web server running on them

Hitachi finger vein scanner could secure large venues

A "walkthrough-stye" scanner would require a simple wave of the hand to open gates

Forgotten subdomains boost risk of account hijacking, other attacks

Some sites have subdomains pointed at old domains that have long expired and can be registered by attackers

Load More