authentication

Pierluigi Paganini December 04, 2014
New Google API simplifies the reCAPTCHA experience

Google has simplified the authentication process by introducing an updated CAPTCHA that simply asks users whether they are a bot. Google’s new API simplifies the reCAPTCHA experience, product manager Vinay Shet said. Google has provided a significant update to its reCAPTCHA authentication system with the intent to simplify the process. The CAPTCHA is a type of […]

Pierluigi Paganini November 19, 2014
Microsoft issued a critical Out-of-Band patch for Kerberos flaw

Microsoft on Tuesday released a rare out-of-band patch for a critical vulnerability in Kerberos that could allow elevation of privilege. Microsoft has just released an “out-of-band” security updates to patch a critical vulnerability in all supported versions of its Windows Server software, the flaw resides in Kerberos (Kerberos Checksum Vulnerability – CVE-2014-6324) and could allow elevation of Privilege […]

Pierluigi Paganini November 12, 2014
MS14-066 – A critical bug potentially affects all Windows versions. Patch it!

MS14-066 – A critical vulnerability affects all versions of Microsoft Windows systems, its exploitation could have catastrophic consequences. Microsoft has revealed the existence of a critical vulnerability in all versions of Windows operating systems, the flaw is particularly dangerous for users that servers that expose website. Microsoft issued a security advisory (Microsoft Security Bulletin MS14-066) on the vulnerability […]

Pierluigi Paganini October 22, 2014
Google improved 2-Step Verification with Security Key

Google has announced the introduction of an improved two-factor authentication mechanism based on a USB token dubbed Security Key. Google firm considers cyber security a pillar of its business, the last initiative announced by the company is the introduction of an improved two-factor authentication system for its services, including Gmail. The new 2FA process is based on the use of a […]

Pierluigi Paganini October 13, 2014
WAAR report – Web Attacks continue to increase, especially those launched from Amazon servers

The WAAR report issued by Imperva states that Web Attacks increasingly launched from Amazon servers, the overall number of attacks is also increasing. Cloud computing is considered an amazing opportunity for cybercrime, from the perspective of an attacher these powerful architectures have the necessary resources to conduct powerful attacks, and consider also that often the data archived in […]

Pierluigi Paganini September 08, 2014
Tim Cook announced security improvements for Apple solutions

Apple CEO Tim Cook announced that the company will improve the security of its solutions, including iCloud, starting from extension of 2FA mechanisms. The recent disclosure of hundreds celebrity pictures has raised the discussion on the level of security offered by the Apple iCloud stored service. To improve the security offered by the iCloud service, Apple’s CEO Tim Cook […]

Pierluigi Paganini August 29, 2014
97K Bugzilla users affected by data disclosure

Mozilla Security Team announced a new accidental disclosure of email addresses and encrypted passwords of about 97,000 Bugzilla users. On Wednesday, officials at Bugzilla, the bug-tracking system managed by Mozilla, confirmed that email addresses and encrypted passwords belonging to 97,000 of their users had been disclosed. Bugzilla is a bug-tracking software system widely used by […]

Pierluigi Paganini August 04, 2014
Tens of thousands of Mozilla developers emails and password exposed

Mozilla Security Team announced the accidental disclosure of MDN email addresses of about 76,000 users and encrypted passwords of about 4,000 users. Bad news for tens of thousands of Mozilla developers, their email addresses and encrypted passwords were accidentally exposed. The news was reported in blog post published on the official Mozilla Security Blog, the risk is […]

Pierluigi Paganini July 05, 2014
Facebook SDK flaw exposes smartphone users’ accounts at risk

Experts from MetaIntell have discovered a critical vulnerability in the latest version of Facebook SDK which exposes millions of Facebook accounts at risk. Security experts from MetaIntell have discovered a significant security vulnerability in the latest version of Facebook SDK, which affects numerous iOS and Android apps exposing millions of Facebook user’s Authentication Tokens at risk. The researchers […]

Pierluigi Paganini May 19, 2014
SNMP issues in many devices allow disclosure of data

Researchers at Rapid7 disclosed a series of vulnerabilities in many devices that allow data disclosure from the SNMP community string. Researchers at Rapid7 have discovered problems in SNMP on embedded devices which can can cause the exposure of critical information. As explained in the official blog post during the analysis the experts discovered devices which expose information that would […]