Identity Management

Identity Management news, solutions, and analysis for IT professionals

social security card
Okta mobility management OS X login page

Okta Platform social login page

Okta Platform gets social login integration to attract consumer-facing businesses

Okta Platform, a developer-focused offering from the identity management company, now supports using social logins, as part of the company's push to become more friendly to consumer-focused applications.

USB key

LogMeIn buying password manager LastPass

LogMeIn hopes to bring even more consolidation to the single-sign-on market with the acquisition of password management service LastPass.

tented arch in a left index fingerprint

NIST sets the stage for contactless fingerprint readers

While many are hoping that biometric technologies such as fingerprint readers will one day replace cumbersome passwords, the U.S. National Institute of Technology is looking even further out.

Dropbox adds U2F support for better security

It's a better option for high-security environments, one analyst says

Researchers find way to steal Windows Active Directory credentials from the Internet

The technique could enable attackers to attack Windows servers hosted in the cloud

File sync services provide covert way to control hacked computers

Researchers highlight the potential use of file synchronization services for stealthy and persistent remote control

No building access card? No problem if you have new Def Con tools

A slew of new RFID hacking tools will be released at the Def Con conference next month.

Bug exposes OpenSSH servers to brute-force password guessing attacks

The keyboard-interactive authentication setting could allow for thousands of password retries, a researcher found

Welcome mat

Cisco leaves key to all its Unified CDM systems under doormat

Cisco's Unified Communications Domain Manager software contains a privileged account with a static password that can't be deleted or changed

VMware's Identity Manager offers authentication for Web, native apps

The growing popularity of cloud apps means enterprises have to rethink indentity management.

Cybercriminals increasingly target point of sales systems

Trustwave highlights the difference in data-breach activity between North America and the rest of the world

Memory scraping malware targets Oracle Micros point-of-sale customers

A new threat dubbed MalumPoS is being used against businesses in the hospitality, food and retail industries, researchers said

Users with weak SSH keys had access to GitHub repositories for popular projects

GitHub revoked the keys, but it's not clear if they were ever abused by attackers.

Large scale attack hijacks routers through users' browsers

Researchers found a Web attack tool designed specifically to exploit vulnerabilities in routers and hijack their DNS settings

The best way to protect passwords may be creating fake ones

A research project, NoCrack, creates plausible decoy password vaults to confuse attackers

Electronic lock maker clashes with security firm over software flaws

CyberLock said it wasn't given enough time before IOActive published a security advisory

Credit card terminals have used same password since 1990s, claim researchers

Many users never changed the password thinking it was unique to them

Wi-Fi client vulnerability could expose Android, Linux, BSD, other systems to attacks

A flaw in the widely used wpa_supplicant wireless client can lead remote code execution

Load More