Breaches

Sometimes, some stuff should just stay private...

April 01, 2010 Added by:Jason Remillard

As reported in the past few days, a site selling Durex condoms has had a small 'exposure' problem. As reported, the site had been suffering (time length unknown) from several basic security exposures, including even allowing orders to be viewed online, without a login - simply by changing the order number!

Comments  (0)

Cyber Crime & Terrorism Take a Dangerous Turn

March 24, 2010 Added by:Jenni Hesterman

Most would agree that globalization, fed by technological advances in the information system and telecommunications realms, has overwhelmingly been a "good thing". Our world is connected like never before, and those formerly isolated are now part of the landscape, able to access critical medical information, tap educational resources and answer almost any question in two clicks.

Comments  (4)

Google, Adobe, and Big Oil Attack Commonalities

March 07, 2010 Added by:Ted LeRoy

The work of protecting information is becoming more difficult with time.  The recently discovered attacks on Google, Adobe, Marathon Oil, ExxonMobil, and ConocoPhillips illustrate an alarming trend.  The attacks even gave rise to a new attack model, the Advanced Persistent Threat (APT).

Comments  (0)

How Twitter spam steals from Google, Yahoo!

March 06, 2010 Added by:Chester Wisniewski

Scammers have been devising ways to ride on someone else's coattails since the dawn of time. With every new technology they find another way to make money from nothing. Today I am going to highlight a method that involves Twitter, Yahoo!, and Google AdSense.

Comments  (0)

The Dragon’s Lair?

February 21, 2010 Added by:Bill Wildprett, CISSP, CISA

An excellent article in the N.Y. Times on February 18th stated that two Chinese schools, the Shanghai Jiaotong University and the Lanxiang Vocational School were involved in the recent online attacks against Google and dozens of other U.S. corporations.  These conclusions come...

Comments  (1)

Jester Unveils XerXeS Automated DoS Attack

February 10, 2010 Added by:Anthony M. Freed

Anti-jihadi hacker The Jester (th3j35t3r) continues his campaign against militant Islamic websites, and now reveals the development of an automated version of his DoS attack, which he calls the XerXeS project.

Comments  (4)

Security Consciousness Raising

February 06, 2010 Added by:Bill Wildprett, CISSP, CISA

I’ve been thinking about Security Awareness and different ways of teaching it as a mindset.  We infosec folks think about it all the time, cultivating it as part of our general focus on situational awareness; the general public, corporate and government leaders, SMBs – not as much, perhaps.

Comments  (1)

The 800-lb Dragon’s APTitude

February 06, 2010 Added by:Bill Wildprett, CISSP, CISA

I’ve been following the news about the Google hacks and ‘Operation Aurora’ as McAfee called it, for a while. There’s a plethora of online articles about this and why China would do this, which the PRC government denies pro forma. It’s about nationalistic young Chinese and about PRC government, economic and military strategic interests.

Comments  (1)

More Talks with Anti-Jihadi Hacker The Jester

February 04, 2010 Added by:Anthony M. Freed

Anti-jihadi hacktivist The Jester (th3j35t3r), the self-proclaimed Nicest Hacker in the World, has returned for part two of our conversation concerning his campaign of intermittent disruption of militant pro-jihad websites.

Comments  (1)

In Rebuke of China

February 02, 2010 Added by:Tom Schram

In the current issue of Foreign Affairs, former NATO Commander General Wesley K. Clark and current Department of Veteran Affairs CTO Peter Levin write: “There is no form of military combat more irregular than an electronic attack: It is extremely cheap, is very fast, can be carried out anonymously, and can disrupt or deny critical servi...

Comments  (3)

Hacktivist Tactics Raise Ethical Questions

January 27, 2010 Added by:Anthony M. Freed

Recently we have witnessed the emergence of international hacktivist and vigilante “the Jester” through his crusade against jihadi and militant Islamic networks... Jester’s activities raise an important question: Where do cyber vigilantes fall on the infosec ethics spectrum?

Comments  (19)

Is the Recent Chinese Google Hack the most Serious Privacy Breach of the Year?

January 21, 2010 Added by:Brent Carey

Last week Google announced that it was the victim of a hack in China. Word of the attack spread quickly and the German, French and Australian governments issued warnings about using Internet Explorer. I'm amazed that this incident has not received more commentary from the privacy and security communities. Is this not the most serious data privacy breach in a search engine’s histo...

Comments  (1)

Rockyou.com - Gets Rocked again - this time a PII Lawsuit

January 02, 2010 Added by:Jason Remillard

Well, it's happened. This time, the users themselves have taken action against rockyou.com for their inadvertent disclosure of customer information. As we previously reported, Rockyou was hacked and disclosed it looks like over 32,000,000 accounts. Yes, 32 Million!

Comments  (1)

aweber comes clean, sort of....splatter effect continues

December 22, 2009 Added by:Jason Remillard

While finally acknowledging their security exposure, aweber has done little to placate its user base judging by the responses and pleadings I've seen online. Yet another example of what I'm calling the 'splatter' effect. The damage that is borne upon others related to the security exposure, that is usually not measurable but definitely has an impact.

Comments  (0)

It’s ‘Defense in Depth’, not ‘Dense in Depth’

December 18, 2009 Added by:Bill Wildprett, CISSP, CISA

I sit, dumbfounded with amazement after reading that insurgents in Iraq have been intercepting Predator drone video feeds and that the Pentagon has known about this for a year now.

Comments  (1)

Unu Cracks a Wall Street Journal Conference Site, Not WSJ.com

December 04, 2009 Added by:Daniel Kennedy

Unu, the security researcher from Bucharest, Romania, known for performing unsolicited penetration tests on brand name web sites with a concentration in SQL Injection, is at it again, this time with a claim that he cracked WSJ Online.

Comments  (0)
