SSL flaw in at least 25,000 iOS applications is leaving iPhone and iPad users open to man-in-the-middle attacks, according to researchers at SourceDNA.
Wednesday, April 29, 2015
Monday, April 27, 2015
Secure Your Website So Your Customers Don't Get Mugged
Secure Your Website So Your Customers Don't Get Mugged
Cyber warfare experts know a dirty little secret: It is mathematically impossible to prevent cyber attacks on a general purpose computer. Fortunately there's a new technology being developed that will forever stop website hijacking and watering hole attacks. Watch this blog for an announcement!
PCMAG | APRIL 23, 2015
"You don't expect to get mugged when you walk into a store," said Tom Kellerman, Trend Micro's Chief Cybersecurity Office, "You expect facility security."
""We've seen a 25 percent increase in watering hole attacks globally," said Kellermann, "Half are in the U.S., and 45 million appeared in the first half of the year." A watering hole attack is a seemingly innocuous website that can automatically infect visiting browsers, without any interaction by the user. Just as the jungle predator waits for prey and then leaps, the malicious code activates when a likely victim arrives. And any website with insufficient security can be injected with code that turns it into a watering hole."
http://www.pcmag.com/article2/0,2817,2482393,00.asp/?utm_medium=referral&utm_source=shatterdoc.comCyber warfare experts know a dirty little secret: It is mathematically impossible to prevent cyber attacks on a general purpose computer. Fortunately there's a new technology being developed that will forever stop website hijacking and watering hole attacks. Watch this blog for an announcement!
Citigroup Report Chides Law Firms for Silence on Hacking
By MATTHEW GOLDSTEIN
MARCH 26, 201
NYTimes
MARCH 26, 201
Every month it seems another American company reports being a victim of a hacking that results in the theft of internal or customer information. But the legal profession almost never publicly discloses a breach.
http://mobile.nytimes.com/2015/03/27/business/dealbook/citigroup-report-chides-law-firms-for-silence-on-hackings.html?_r=0&referrer=shatterdoc.blogspot.com
And it's not that they're just embarrassed either!
And it's not that they're just embarrassed either!
Clouds Are Not Really Very Safe! – Here are 9 Security Threats Everyone Needs to Understand | Internet, Information Technology & e-Discovery BlogInternet, Information Technology & e-Discovery Blog
A report explained from the Cloud Security Alliance (CSA) explained how the cloud is not as safe as many people think it is based on "nine major categories of threats that face cloud technologies" which organizations "must weigh these threats as part of a rigorous risk assessment, to determine which security controls are necessary." CDW issued a White Paper entitled "Playbook: Overcoming Cloud Security Concerns" which explained how to deal with the 9 CSA threats and explained the difference between data loss and data breach...
http://www.vogelitlawblog.com/2015/04/articles/ecommerce/clouds-are-not-really-very-safe-here-are-9-security-threats-everyone-needs-to-understand/
A nice top level set of definitions.
Thanks DrT
A nice top level set of definitions.
Thanks DrT
Sunday, April 26, 2015
Some US Passenger Jets Hackable?
With this architecture (se links) it sure looks dangerous:
https://sophosnews.files.wordpress.com/2015/04/gao-network-1000.png?w=500&h=450
https://nakedsecurity.sophos.com/2015/04/17/could-a-hacker-really-bring-down-a-plane-from-a-mobile-phone-in-seat-12c/
Just when you thought your were safe 'cause they take away box cutters...
https://sophosnews.files.wordpress.com/2015/04/gao-network-1000.png?w=500&h=450
https://nakedsecurity.sophos.com/2015/04/17/could-a-hacker-really-bring-down-a-plane-from-a-mobile-phone-in-seat-12c/
Just when you thought your were safe 'cause they take away box cutters...
The Cloud Guide to RSA
The Cloud Guide to RSA
CLOUD SECURITY ALLIANCE | APRIL 10, 2015
CLOUD SECURITY ALLIANCE | APRIL 10, 2015
What you missed at RSA
FBI warns of ISIS-sympathetic hackers attacking and defacing WordPress sites
FBI warns of ISIS-sympathetic hackers attacking and defacing WordPress sites
VENTUREBEAT | APRIL 7, 2015
VENTUREBEAT | APRIL 7, 2015
"The Federal Bureau of Investigation (FBI) issued a warning today about an ongoing spree of website defacements (sic) allegedly perpetrated by hackers sympathetic to the Islamic Islamic State of Iraq and Syria (ISIS). The attacks have affected a variety of websites, including news organizations, commercial entities, religious institutions, U.S. federal/state/local governments, foreign governments, and a variety of other domestic and international websites. Targets appear to be random: They are not linked by name or business type."
2015 Bitglass Cloud Security Report : Security Still Cloud’s Achilles Heel
2015 Bitglass Cloud Security Report : Security Still Cloud's Achilles Heel
CLOUD SECURITY ALLIANCE | MARCH 12, 2015
CLOUD SECURITY ALLIANCE | MARCH 12, 2015
By Christopher Hines, Product Marketing Manager, Bitglass The cloud.
"Companies want it, but can they secure it? Moving to cloud applications like Salesforce, Office 365 and Box, can be beneficial for business but companies must first answer the question of security.
[They] "announced the findings from the 2015 Bitglass Cloud Security Report. The report was the result of a survey done with 1,010 IT securers working across the globe."
And it's not pretty...
Subscribe to:
Posts (Atom)