As you’ve probably heard by now, the popular media company Gawker was hacked on Sunday. Hundreds of thousands of usernames and passwords were accessed through the Gawker servers, which power sites like Lifehacker, Gizmodo, Jezebel, and others, by a group that was eventually able to decode some of the encrypted passwords.

October was not a good month for Firefox. Firefox has long been praised for being a good alternative to Internet Explorer. This has been, in part, due to the security features present in this web browser, their frequent updates, and attention to details. The two issues that occurred for Firefox in October included the release of Firesheep and the discovery of a zero day vulnerability.

It was reported a few weeks ago that somewhere around 20,000 Hotmail passwords were compromised.  Reports differ on what mechanism was used to extract the passwords, though.  One theory holds that the passwords were exposed via a massive phishing scheme, while others claim the passwords were exposed via systems infected with bots. Regardless of the mechanism […]

A recent study by the Ponemon Institute determined that the average security breach costs $203 per compromised record. So, if a company loses a hard drive that contains sensitive data on one million customers, they’re out $203,000,000. That’s a lot of items off the dollar menu at your local fast food joint. To compare  —  five years ago, […]

Windows Server 2008 supports Fine-Grained Password Policies in Active Directory, which is a huge step forward from the per-domain-only password policies of Windows Server 2003 and Windows 2000 Server Active Directory. Yet with the suggested built-in management interface for creating fine-grained policies being ADSIedit, LDIFDE, and similar utilities, and with the requirement that the Active […]

Recently, I spent some time reviewing a client’s router configuration files and noticed the continued use of Cisco type 7 passwords.  This is a weak form of authentication that can be easily cracked.  To make sure you understand what I am referring to, let’s start with a little background.  According to Cisco, type 7 passwords […]