User Have Risky Security Habits, but Security Pros Aren't Much Better

Researchers spot gaps in users’ and IT practitioners’ security habits, and between security tools and user preferences. Cybersecurity professionals, and the employees and consumers they serve, all engage in risky security practices. Data shows password issues continue to plague users of all experience levels, two-factor authentication adoption is lagging, and mobile devices are introducing new
Read more
4 Comments

419M Facebook User Phone Numbers Publicly Exposed

It’s still unclear who owned the server storing hundreds of millions of records online without a password. An unsecured server exposed 419 million phone numbers belonging to Facebook users, whose information was stored in several databases without password protection, TechCrunch reports. The records spanned Facebook account holders in countries including the US (133 million), UK
Read more
261 Comments

Implementing Strong Authentication Does Not Guarantee An Excellent User Experience

Understanding User Expectations And Business Goals Guides Security Posture The traditional password is no longer sufficient enough to prevent hackers from getting into our accounts containing a multitude of information that can be crippling to any enterprise. A limited number of passwords implemented by the typical individual means that hackers can crack one password and
Read more
255 Comments

End User Lockdown: Dark Reading Caption Contest Winners

Phishing, cybersecurity training, biometrics and casual Fridays. And the winners are … Dark Reading reader Nick Walker (aka ntwalk) earns the top honors and a $25 Amazon gift card for his password cracking play on words in the caption, penned below. When not penning cartoon captions, Nick, of Lowell, Arkansas, works as a security analyst at J.B. Hunt Transport
Read more
412 Comments

Misconfigured Ladders Database Exposed 13M User Records

Enterprise VulnerabilitiesFrom DHS/US-CERT’s National Vulnerability Database CVE-2019-11683PUBLISHED: 2019-05-02 udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x through 5.0.11 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, a… CVE-2019-3490PUBLISHED: 2019-05-02 A
Read more
98 Comments

A Guide To Protecting The End User

A people-centric approach to managing cyber security vulnerability, attacks and privilege Download Your Copy We respect your privacy, by submitting this form you agree to having your details passed onto the sponsor who may promote similar products and services related to your area of interest. For further information on how we process and monitor your
Read more
824 Comments

Facebook Employees for Years Could See Millions of User Passwords in Plain Text

2,000 Facebook engineers or developers reportedly made some nine million internal queries for data elements with plain text passwords. An internal Facebook investigation has found between 200 million and 600 million of its users may have had their account passwords stored in plain text for years, meaning they could have been searched and accessed by
Read more
261 Comments

Secure the System, Help the User

The enterprise must do its part in deploying and maintaining secure systems so that end users stand a chance against attackers. Relying on end users for security is difficult, but securing enterprise systems doesn’t have to be. For a system to be valuable, it must be accessible and beneficial to end users. Organizations have improved
Read more
243 Comments

Photo API Bug Exposed 6.8M User Photos

The flaw let developers access images that users may not have shared publicly, including those they started to upload but didn’t post. Facebook has apologized for a photo API bug that may have exposed photos belonging to 6.8 million users. This issue affects people who use Facebook login and gave third-party apps permission to access
Read more
133 Comments