Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “Data breach incidents cost U.S. companies $214 per compromised customer record in 2010. The average total per-incident cost in 2010 was $7.2 million. Additionally, brand damage can be significant.” – Ponemon Institute’s sixth annual U.S. Cost of a Data …
Category Index Hacking incidents / Cybercrime Unpatched vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Mobile Security Cloud Security Privacy Funny Hacking incidents / Cybercrime LastPass Forces Users to Pick Another Password [krebsonsecurity.com] LastPass.com, a free password management service that lets users unlock access to all of their password protected sites …
Do you still believe input validation is enough to fix Cross Site Scripting (XSS)? Billy Hoffman said it best at Schmoocon 2007 (4 years ago!!!) in his talk “JavaScript Malware for a Grey Goo Tomorrow” (fast forward to Q & A, minute 51:45): Person in the audience asks: “You said that AJAX doesn’t really change …
Update 01/08/2011: The videos are now up here. Thank you Tomasz! Update: Thanks to Jamie Duxbury (@w1bble) for hosting most of the pictures linked to from this page. I thought it was Soraya for some reason, sorry :). As I mentioned earlier: I was really honoured to attend BSides London and DC4420, aka Defcon London …
Thanks to Toby for contributing to this security news bulletin! I was honoured to attend BSides London and DC4420, aka Defcon London both of which were a blast this Wednesday and an obligatory blog post will follow hopefully this evening. Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the …
Category Index Hacking Incidents / Cybercrime Software Updates Business Case for Security Web Technologies Network Security Database Security Mobile Security Privacy General Hacking Incidents / Cybercrime Russian news reports that 20-year-old Ivan Kaspersky was kidnapped and his captors are demanding ransom [www.darkreading.com] [4/22/11 UPDATE: Russian media this morning are reporting that Ivan Kaspersky has …
Thanks to Shaun for contributing to this security news bulletin! Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “Making connections is always easier when there’s alcohol involved” – Adam B. 😉 “Pretty much anyone can be breached at any time” – Jon Oltsik “Wonder if my Safari …
Category Index Hacking Incidents / Cybercrime Unpatched Vulnerabilities Software updates Business Case for Security Web Technologies Network Security Cloud Security Funny Hacking Incidents / Cybercrime RSA SecurID breach began with spear phishing attack [searchsecurity.techtarget.com] The assault against RSA, the security division of EMC Corp., began with two waves of spear phishing attacks using an …
I know it is April’s 1st but I am Spanish, don’t worry! 🙂 (we have the 28th of December for those things) Thanks to Tadek, John and Brian for contributing to this weekly security news bulletin! For the technically inclined I also put together the following this week: – iptables: white-listing TCP connections to reduce …
Category Index Hacking Incidents / Cybercrime Software Updates Business Case for Security Network Security Web Technologies Privacy General Funny Hacking Incidents / Cybercrime Comodo: two more resellers were compromised [www.h-online.com] Comodo has confirmed that two other resellers have been compromised since the ‘Comodogate’ attacks which saw an attacker generate forged certificates for login.live.com, mail.google.com, www.google.com, …