Your source for identity management news, opinion, product comparisons and reviews.
Identity Management News
NSA reportedly compromised more than 50,000 networks worldwide
The U.S. National Security Agency reportedly hacked into over 50,000 computer networks around the world as part of its global intelligence gathering...
Hackers actively exploiting JBoss vulnerability to compromise servers, researchers say
Attackers are actively exploiting a known vulnerability to compromise JBoss Java EE application servers that expose the HTTP Invoker service to the...
Attackers used known exploit to steal customer log-in credentials, vBulletin maker says
The vBulletin.com forum was not compromised by exploiting a previously unknown vulnerability as a group of hackers claimed, according to vBulletin...
Hackers claim they used zero-day vulnerability to breach vBulletin support forum
A group of hackers claim to have exploited an undocumented vulnerability in the vBulletin Internet forum software in order to break into the...
Google fixes Chrome vulnerabilities exploited at Pwn2Own contest
Google released emergency security updates for Chrome in order to patch critical vulnerabilities demonstrated Thursday by a security researcher at...
Microsoft Patch Tuesday advisories urge ditching old, weak crypto algorithms
Microsoft patched serious vulnerabilities Tuesday in Windows, Internet Explorer and Office, but also urged customers to stop using the aging RC4...
Banking malware infections rise to highest level since 2002
Malicious software aimed at stealing online banking credentials surged in the third quarter of this year to a level not seen since 2002, according to...
British spies reportedly spoofed LinkedIn, Slashdot to target network engineers
British intelligence agency Government Communications Headquarters (GCHQ) reportedly used spoofed LinkedIn and Slashdot pages to compromise the...
Open-source software projects need to improve vulnerability handling practices, researchers say
Many open-source software developers need to improve the way in which they handle vulnerability reports, according to researchers from security firm...
Mozilla releases 10 patches, five critical, for Firefox
Mozilla released 10 patches for three versions of its Firefox browser on Tuesday, five of which are considered critical and could be used to remotely...
Internet Archive, fearful of spying, boosts its encryption
The Internet Archive, the online repository of millions of digitized books, wants to shield its readers from other's prying eyes -- like the...
PHP.net maintainers to reset user passwords, change SSL certificate
The PHP Group will reset the passwords for accounts on php.net, the official website of the PHP programming language, and will change the site's...
Flash Player now sandboxed under Safari on Mac OS X
Adobe has worked with Apple to sandbox Flash Player under Safari in Mac OS X, restricting the ability of attackers to exploit any vulnerabilities...
Mexico condemns NSA's alleged hacking of president's email
The Mexican government has condemned newly reported spying activities of the U.S. National Security Agency against the country's former president...
Security firm releases tool to audit SAP's HANA
A new tool from security vendor Onapsis aims to secure SAP's in-memory database HANA, the German company's fastest-growing data processing...
D-Link to padlock router backdoor by Halloween
D-Link will address by the end of October a security issue in some of its routers that could allow attackers to change the device settings without...
Backdoor found in D-Link router firmware code
A backdoor found in firmware used in several D-Link routers could allow an attacker to change a device's settings, a serious security problem...
Hackers exploit vBulletin vulnerability to inject rogue administrator accounts
Hackers are exploiting a vulnerability in the popular vBulletin Internet forum software in order to inject rogue administrator accounts into websites...
Cisco patches vulnerabilities in some security appliances, switches and routers
Cisco Systems has released security patches for authentication bypass, command execution and denial-of-service vulnerabilities affecting products...
Tenth Anniversary Patch Tuesday brings crucial Microsoft Explorer fix
As anticipated, the latest round of Microsoft's Patch Tuesday monthly release of security fixes addresses a widely known Internet Explorer (IE)...
The Connected Enterprise