dcsimg
March 21, 2019

Are hackers gonna hack anymore? Not if we keep reusing passwords

Enterprises have a password problem, and it’s one that is making the work of hackers a lot easier. From credential stuffing to brute force and password spraying attacks, modern hackers don’t have to do much hacking in order to compromise internal corporate networks. Instead, they log in using weak, stolen, or otherwise compromised credentials. Take the recent case of Citrix as an example. The FBI … [Read more...]

Filed Under: brute force, credential stuffing, cybercrime, enterprise, enterprises, hackers, Hacking, password managers, password spraying, reusing passwords, weak passwords
September 21, 2018

Simple Authentication and Security Layer (SASL) vulnerabilities

Simple Authentication and Security Layer (SASL) is an authentication layer used in Internet protocols. SASL is not a protocol, but rather a framework that provides developers of applications and shared libraries with mechanisms for authentication, data integrity–checking, and encryption. Within the framework and a few of its plugins, there are a couple of known vulnerabilities that we want to make … [Read more...]

Filed Under: authentication, brute force, cybercrime, denial of service, Exploits, mailserver, sasl, Simple Authentication and Security Layer, vulnerabilities
September 14, 2018