A Russia-based cyber criminal group has managed to accumulate 1.2 billion unique online login credentials by compromising databases of over hundreds of thousands websites and FTP locations, claim researchers from Wisconsin-based Hold Security.
Email addresses and encrypted passwords of tens of thousands of Mozilla developers were accidentally exposed and might have been harvested by malicious individuals, Stormy Peters, director of developer relations, and Joe Stevensen, operations security manager at Mozilla announced on Friday.
For all the repeated advice to use different, complex password for each online account, users are still opting for easy-to-guess, short ones and use them repeatedly across many websites and online services.
A group of researchers from University of California, Berkeley, have analyzed five popular web-based password managers and have discovered - and then responsibly reported - vulnerabilities that could allow attackers to learn a user’s credentials for arbitrary websites.
In this interview, Josh Alexander, CEO of Toopher, discusses how an increasingly mobile workforce shapes the way an organization deals with authentication issues, provides advice to a CISO with the task of upgrading an outdated authentication infrastructure, and much more.