Security News

The regulator noted, amongs other things, that despite claiming it was salting-and-then-hashing passwords using an accepted hashing algorithm, EDF still had more than 25,000 users' passwords "Secured" with a single MD5 hash as recently as July 2022. As you will have heard many times on Naked Security, storing the cryptographic hash of a password means that you can validate a password when it is presented simply by recomputing its hash and comparing that with the hash of the password that was originally chosen.

NVIDIA has released a security update for its GPU display driver for Windows, containing a fix for a high-severity flaw that threat actors can exploit to perform, among other things, code execution and privilege escalation. The latest security update addresses 25 vulnerabilities on the Windows and Linux GPU drivers, while seven flaws are categorized as high-severity.

Password salting is a technique for making passwords more difficult to crack by adding random values to the stored password hash. In order to understand password salting and its benefits however, it is necessary to understand how Windows stores passwords and some of the risks that are associated with storing passwords in that way.

A sophisticated threat actor named 'CashRewindo' has been using aged domains in global malvertising campaigns that lead to investment scam sites. [...]

You will also receive a complimentary subscription to TechRepublic's News and Special Offers newsletter and the Top Story of the Day newsletter. You may unsubscribe from these newsletters at any time.

Assuming you're not a target leads to lax security practices in many SMBs who lack the knowledge or expertise to put simple security steps in place. According to a Cyber Security Breaches Survey, businesses that hold electronic personal data of their customers are more likely than average to have had breaches.

Assuming you're not a target leads to lax security practices in many SMBs who lack the knowledge or expertise to put simple security steps in place. According to a Cyber Security Breaches Survey, businesses that hold electronic personal data of their customers are more likely than average to have had breaches.

Cyber Monday is here, and great deals are live in computer security, software, online courses, system admin services, antivirus, and VPN software. ProtonVPN has a Cyber Monday sale where you can get up to 50% off, depending on the length of the subscription.

What if you could add to the fun by taking part in an entertaining free holiday-themed cyber security event that both builds your skills and gives you the chance of adding a stellar prize to the pile of gifts under your tree? That's what's on offer with the 2022 SANS Holiday Hack Challenge, billed as the most festive virtual cyber security event of the year.

Phishing, educating your employees, and creating a cyber awareness culture? These are topics we're sensitive to and well-versed in. We've repeatedly seen that ad hoc, scattershot employee training attempts don't work.