Blog Posts Tagged with "breach"

0a8cae998f9c51e3b3c0ccbaddf521aa

The Great UDID Hacker Cache: What's the Big Deal?

September 07, 2012 Added by:Rafal Los

Why am I calling this a psychological operation? From talking to people who would know - the UDID is just a tracking mechanism to link a device to a person. The fact that this has stirred such a sentiment against the federal government at a time when distrust of is already high is suspect...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Hackers Grabbed Twelve Million Apple IDs from FBI

September 05, 2012 Added by:Dan Dieterle

Is the information legit? If so, why would an FBI agent have a list of twelve million Apple ID’s which in some cases can be used to access information just as a password would? And how did the hacker group exploit this particular agent’s laptop and recover information from it?

Comments  (0)

296634767383f056e82787fcb3b94864

Who's Responsible for the Saudi Aramco Network Attack?

August 28, 2012 Added by:Jeffrey Carr

Iran is at the center of every significant aspect of this attack. It is the only nation with access to the original Wiper virus from which Shamoon was copied. Perhaps Iran has learned something from Russia about the strategy of misdirection via the government's recruitment of patriotic hackers...

Comments  (4)

0a8cae998f9c51e3b3c0ccbaddf521aa

Ticking Time-Bombs: Production Data in Non-Production Systems

August 03, 2012 Added by:Rafal Los

While it's not really OK to have a vulnerable application sitting out on the 'net, at least if it's in "stage" mode it shouldn't have real data... right? Unfortunately this wasn't the case in many of the incidents I experienced. It's time to remind ourselves that anything that is accessible should be well protected...

Comments  (0)

94c7ac665bbf77879483b04272744424

Yahoo Voices Accounts Exposed and Available to the General Public

July 13, 2012 Added by:Marc Quibell

If Yahoo took "security very seriously" this probably may not have happened. This is obviously a fail in their IT Security practices, on many accounts, beginning with the SQL Injection attack used to compromise the server - yes, it only took one server to compromise for this to occur...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Yahoo!'s No Encryption Trumps LinkedIn's Unsalted Hash

July 12, 2012 Added by:Headlines

Just a month after LinkedIn experienced a significant security breach and caught flack for not "salting their hash", the revelation that the Yahoo! credentials were not even stored in an encrypted format should have everyone concerned about how seriously companies are taking the security of their users...

Comments  (0)

4777ea0d573c51027a097399006f228a

Updates: Rumors of Anonymous Hacking th3j35t3r's Accounts Overblown

July 11, 2012 Added by:ʞɔopuooq ʇuıɐs

About the twitter ‘takeover’. I have to say that was clever. Even though my account wasn’t actually breached per se. The folks behind this latest attempt found an auto-RSS/Email to tweet script that uses the Twitter API and worked out a way to post to my account without actually having any physical access. Kudos...

Comments  (0)

5e402abc3fedaf8927900f014ccc031f

Ten Networking Alternatives After LinkedIn's Security Breach

June 13, 2012 Added by:Allan Pratt, MBA

Much has been written about the LinkedIn security breach and the millions of passwords at risk. Hopefully by now all users have changed them and made them more complex. When it comes to professional social networking sites though, LinkedIn is not the only game in town. Here are the Top 10 alternatives...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Global Payments Breach May Include Merchant Account Data

June 13, 2012 Added by:Headlines

"The Company's ongoing investigation recently revealed potential unauthorized access to servers containing personal information collected from a subset of merchant applicants. It is unclear whether the intruders looked at or took any personal information... however, the Company will notify potentially-affected individuals..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Judge Upholds Charges Against WikiLeaker Bradley Manning

June 12, 2012 Added by:Headlines

Manning is accused of the largest intelligence leak in U.S. history while deployed to Iraq as a military intelligence analyst, including installing unauthorized software onto government computers to extract classified information and transmitting the data to the whistle-blowing group WikiLeaks...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Analysis of Passwords Dumped from LinkedIn

June 11, 2012 Added by:Dan Dieterle

People put a lot of personal information on LinkedIn - their education and job experience, along with the groups that they belong to - treasure trove of information to Social Engineers. Of all the online social sites, LinkedIn users should really choose a long complex password to secure their account...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ZOMG: LinkedIn was Hacked and our Passwords Were Leaked

June 10, 2012 Added by:Infosec Island Admin

LinkedIn and other companies like Sony have shown time and again, they DON’T CARE about YOUR data. Always remember this people. So, you want an account on these places, then you best make a throw away password and limit your data on the sites that host it. Otherwise, your data will be up for the taking...

Comments  (1)

296634767383f056e82787fcb3b94864

LinkedIn Failed to Meet Standards or Better Standards are Needed

June 10, 2012 Added by:Jeffrey Carr

LinkedIn doesn't have a CSO or CISO, which for a publicly traded company communicates that security is not a priority. Considering they still don't know how this breach occurred and the minimal attention payed to password security, I can't help but wonder how secure the credit card information is...

Comments  (0)

54b393d8c5ad38d03c46d060fa365773

LinkedIn Breach Part II: What You Need to Prepare for Next

June 09, 2012 Added by:Jason Clark

The LinkedIn breach made headlines, but I want to go deeper and provide practical advice for organizations on how they can anticipate DLP consequences and tighten network security. You need a strategy to protect against attack scenarios. Here’s a seven-step check list for mitigating your risk...

Comments  (4)

9f19bdb2d175ba86949c352b0cb85572

Nine Tips for Social Media Crisis Response

June 07, 2012 Added by:Neira Jones

Not impressed with LinkedIn's social media crisis response? Whilst the draft NIST report SP 800-61 gives really good guidelines on fully and effectively communicating important information to the public, there is some mileage to be had by exploring the use of social media when tackling incident response...

Comments  (0)

94c7ac665bbf77879483b04272744424

LinkedIn Fails Security Due Diligence

June 07, 2012 Added by:Marc Quibell

Poor security practices led to the password database ending up in Russia. We can also say that the best security practices were not applied to the security of our passwords: LinkedIn did not "salt their hash" and therefore the passwords were much more vulnerable to simple brute force attacks...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »