SEARCH RESULTS
 
Showing 1-10 of 42 records
 
Expand article

Finjan uncovers database storing more than 8,700 stolen FTP credentials

2008-02-27 14:00:00 by Editor in Computerworld Security News
 
Security vendor Finjan has uncovered a data hoard containing more than 8700 stolen FTP server credentials, including information from more than 2,500 American companies
 
Tags: security vendor finjan, ftp server credentials, data hoard, american companies, information
 
 
 
 
Expand article

Backdoor in G-Archiver

2008-03-11 14:02:11 by Chris Wysopal in Zero in a bit
 
...credentials baked in, but is was sending the Gmail credentials of every user of the program to the author This is an example of an unintended network activity backdoor where information leakage occurs. Here is the code public static void CheckConnection(string a, string b try MailMessage message = new MailMessage...
 
Tags: mailmessage message, message, backdoor, smtpclient client, client, gmail, gmail credentials, credentials, people
 
 
 
 
Expand article

Increased Interest in Device-Specific Strong Authentication

2007-09-14 00:00:00 by Sean Kline in Speaking of Security, the RSA Blog and Podcast
 
...credentials and new support models. Some of the drivers for this are longstanding, such as increased proliferation of mobile devices to remote employees, partners and consumers Ericsson 1 predicts that global mobile subscriptions will reach 5.5 billion by 2012. Since people are used to carrying phones, these mobile devices become very...
 
Tags: mobile devices, credentials, strong authentication credentials, mobile phones, secure remote access, global mobile subscriptions, strong authentication mechanisms, phones, two-factor authentication
 
 
 
 
Expand article

Identity Framework Probable Feature List

The Article has images
2007-12-16 06:42:00 by Keith Brown in Security Briefs
...credentials (you need this to generate the claim set User authentication methods (an STS needs to authenticate the user before issuing a token Kerberos X509 Certificates SAML from personal cards Username/Password Fx helps you expose your STS using WCF Fx supplies a custom ServiceHostFactory (currently called...
 
Tags: informationcard login control, login control, information card serializer, information, control, user authentication methods, user, custom sts, card
 
 
 
 
Expand article

Turning on cruise control

2008-01-18 07:26:00 by Keith Brown in Security Briefs
 
...credentials to download files from our subversion repository, didn't have permissions to write those files to the working directory or deploy to the deployment folder. So here's the key: instead of debugging all of this using ccservice, just use runas to run a command prompt under the same user account that you plan to use for the service....
 
Tags: cruisecontrol, cruisecontrol logs, account, cruisecontrol log file, log, low-privilege account, ccnet configuration, ccnet, files
 
 
 
 
Expand article

More on Hating Agents

2008-02-13 14:54:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...credentials for remote access (sometimes admin) thus exposing them for compromise (especially if you don't use appliance added hassle: you need to manage credentials for all the servers on the log management system Finally, please don't use the combination "remote agent" as it is deeply confusing. When people say "remote agent", they really...
 
Tags: log management tool, log management, log management system, agents, remote, management, remote agent, agent, agents evil
 
 
 
 
Expand article

Embedding Malicious IFRAMEs Through Stolen FTP Accounts

The Article has images
2008-03-03 10:14:01 by HASH0x8b0b9bc in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...credentials , with additional tools available to help a buyer confirm he's making a smart purchase on the other side of the universe on Neosploit's "purpose in life The information was available for blackmarket trade, along with the NeoSploit version 2 crimeware toolkit, a malicious application specifically designed to abuse and trade...
 
Tags: ftp accounts, ftp, iframes, malicious iframes, web service, service, ftp account credentials, demand service, data
 
 
 
 
Expand article

EIC 2008: Takeaways from Europe's biggest identity event

The Article has images
2008-06-13 08:19:15 by Bill Nagel in Security & Risk Management
...credentials in a way that doesn't also shift all of the liability for financial fraud (identity abuse) from institutions to individuals. This has significant implications for things like mobile commerce There was a great physical/logical convergence case study from City College Coventry (UK), which is providing converged smart-card...
 
Tags: identity, information, information risk management, user-centric identity, iam, iam implementation, effective information security, implement iam, holistic iam context
 
 
 
 
Expand article

Database Connections and Trust

2008-06-19 04:10:01 by alane in securosis.com
 
...credentials! And the converse of that is the application developer views the database as some abstract object. Security of that object is someone elses problem. The loss of visibility does not mean that the functionality is not there, or that it is not important, or that the application developer can ignore it What I am trying to say is the...
 
Tags: application, web application security, application developer, application project, application security, database, web application connects, application connection, database activity
 
 
 
 
Expand article

Database Connections and Trust

2008-06-19 04:10:01 by alane in securosis.com
 
...credentials! And the converse of that is the application developer views the database as some abstract object. Security of that object is someone elses problem. The loss of visibility does not mean that the functionality is not there, or that it is not important, or that the application developer can ignore it What I am trying to say is the...