Sending a Heartbleed password reset email? Please dont include a login link!

Password reset email from popular Internet of Things website IFTTT has been sent by a cybercrook. Naked Security is concerned about the ‘Heartbleed’ bug that reset your passwords caused by the bug. We urge anyone thinking of sending heartbleed password reset emails: please avoid those login links. If no legitimate sites ever put login links in their email correspondence, theyre bad, and thats the end of it. We admit that all the signs are there to help you realise this is legitimate, from the URL you see when you hover over the link.”]

Source: https://nakedsecurity.sophos.com/2014/04/10/sending-a-heartbleed-password-reset-email-please-dont-include-a-login-link/

Something Fresh

Zip Codes & PII: Are They Personal Data?

ZeroNet: 51% Attack Risks & Mitigation

Zero Knowledge Voting with Trusted Server

What People Reading

YubiKey Security: Initial Setup with Yubi Cloud

Zero-Day Vulnerabilities: User Defence Guide

Feedback and data-driven updates to Googles disclosure policy

ZAP: Brute Force Passwords

Security Insider Interview Series: John McArthur, Senior Product Manager, IP Intelligence; and Rupert Young, Senior Director Software Engineering, Data Compilation and Identity, Neustar

Categories

Partners

Just add here your partners image or promo text