brute-force

Change Your Old Amazon Password Now To Avoid This Cracking Risk
Some old Amazon account appear to have a flaw in their password protection scheme that makes them more vulnerable to a brute force cracking attempt. For affected accounts, if you haven't changed your password in several years, and it's over 8 characters long, it looks like all people have to do is enter the first 8 characters correctly and they're in. Even if after the 8 characters they just type gobbledygook. More »

Another Sears.com Security Hole Discovered

—>That Sears website exploit we posted about a couple of weeks ago was funny, mainly because it seemed more embarrassing for Sears than a true security risk. However, an independent security researcher had also discovered a more significant issue with the site—it allowed for an unlimited number of gift card verification attempts via an external script, so a criminal could use the site as a brute force method to identify valid gift cards for Sears and Kmart.  More »