Once upon an Internet, a security researcher who discovered a vulnerability had very limited options for what to do with that information. He could send it to the vendor and hope someone cared enough to patch it; he could post it to a mailing list for all to see; or, if he had the right […]

As attackers continue to target large databases of passwords and users grow wearier by the day of creating new accounts and login credentials on each site they visit, the larger Web players are positioning themselves as not just social networking or retail hubs, but also as authentication providers. The latest to join this crew is Amazon, which is rolling out a service called Login With Amazon that enables visitors to participating sites to login with their existing Amazon credentials.

The Drupal Association is urging all users of Drupal.org and groups.drupal.org to reset their passwords after discovering an intrusion that breached files holding usernames, e-mail addresses, countries and hashed passwords. Sites that run on Drupal do not appear to be impacted, though the organization stressed an ongoing forensic review may reveal more details and victims. […]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.