Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “Real IT/security talent will work where they make a difference, not where they reduce costs, “align w/business,” or serve other lame ends.” – Richard Bejtlich “woodworking tools do not make chairs == security tools do not make security.” – …
Category Index Hacking Incidents / Cybercrime Unpatched Vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Mobile Security Privacy General Tools Funny Hacking Incidents / Cybercrime Gawker was hacked six months ago, say sources close to Gnosis [www.guardian.co.uk] Server was cracked using ‘local file inclusion’ weakness and hacking group then worked through system …
Some of you might like the following article I put together last week: securityconscious. You should not be using IE, in general, but because of this New Internet Explorer vulnerability affecting all versions of IE if you do, now you have yet another reason to switch to Firefox + NoScript and if you are paranoid …
Category Index Hacking Incidents / Cybercrime Unpatched Vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Cloud Security Privacy Mobile Security Cryptography / Encryption General Tools Funny Hacking Incidents / Cybercrime Gardai prepare file on welfare officer [www.independent.ie] Gardai are expected to send a file to the Director of Public Prosecutions (DPP) in …
The problem There was an unexpected challenge to put together the security weekly news last night: My ISP mistakenly thought I had not paid my bills last month and decided to disrupt my web browsing experience by displaying a web page that said something like “information page … you have not paid x,y,z .. to …
Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “Any reliance on a generic scanning tool as your primary security control is nothing more than a false sense of security and a disaster waiting to happen. ” – Michael Coates “Instead of asking why Gawker leaked all those …
Category Index Hacking Incidents / Cybercrime Unpatched Vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Mobile Security Cryptography / Encryption Privacy General Tools Funny Hacking Incidents / Cybercrime The Real Lessons Of Gawker’s Security Mess [blogs.forbes.com] Gossip site Gawker has experienced a large data breach whose scale fully came to light Sunday. …
Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “Porting all those security fixes in PHP 5 back to PHP 4.4.9 is a PITA” – Steffan Esser (Still using PHP 4? Good luck!) “Criticizing WAF tech is so “2009” – AppSec is so difficult, you need to use …
Category Index Hacking Incidents / Cybercrime Software Updates Business Case for Security Web Technologies Network Security Database Security Mobile Security Privacy Cloud Security Tools General Funny Hacking Incidents / Cybercrime WikiLeaks backers hit MasterCard and Visa in cyberstrike [www.reuters.com] Credit card giants MasterCard and Visa came under intense cyber attack on Wednesday as supporters of …
Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “OWASP top 10 is in danger of becoming the pci of the app layer. it’s not enough” – Gal Shpantzer “Remember deceivers tend to actually engage in greater eye contact not less. The myth of looking away to lie …
