Towerwall Application Security Alert Vol 13.73 Hackers have amassed a vast collection of stolen data, including 1.2 billion unique username/password pairs, by compromising over 420,000 websites using SQL injection techniques. Researchers monitored the gang for over seven months, thought to be “fewer than a dozen men in their 20s who know one another personally” based in … Continue reading 1.2 billion logins scooped up by CyberVor hacking crew – what you need to do
1.2 billion logins scooped up by CyberVor hacking crew – what you need to do Hackers have amassed a vast collection of stolen data, including 1.2 billion unique username/password pairs, by compromising over 420,000 websites using SQL injection techniques. Researchers monitored the gang for over seven months, thought to be “fewer than a dozen men … Continue reading Towerwall Application Security Alert Vol 13.73
When the healthcare.gov website was launched on Oct. 1 it didn’t take long for technical issues to hit the headlines. Americans trying to register for health care found the website unusable. There were glitches, extremely long loading times, and serious errors, but most worrying of all for anyone entrusting sensitive data to the system was the lack … Continue reading Why wasn’t healthcare.gov security properly tested?
I am excited to announce the launch of our quarterly newsletter, the Data Security Review. Each quarter I will be sharing with you what I am hearing from customers, colleagues and data security experts to keep you aware and protected. As we enter 2014, human risk is on everyone’s mind. Even with the most sophisticated … Continue reading Introducing our Quarterly Newsletter: the Data Security Review
10. Malware Is On The Rise The threat of malware on mobile platforms is growing steadily as more cybercriminals target mobile devices in increasingly sophisticated ways. 9. BYOD Is A Challenge There are obvious benefits to the BYOD (Bring Your Own Device) trend, but it also creates IT challenges and exposes your company to new … Continue reading 10 Things I Know About… Mobile Security
Remember last week, Facebook leaked email addresses and phone numbers for 6 million users, but that it was really kind of a modest leak, given that it’s a billion-user service? OK, scratch the “modest” part. The researchers who originally found out that Facebook is actually creating secret dossiers for users are now saying the numbers … Continue reading Facebook leaks are a lot leakier than Facebook is letting on
Many companies have embraced the BYOD trend. They may even have developed applications that enable employees to have 24/7 access to business data and tools. The benefits can be counted in productivity boosts and flexibility, but there is a real and present danger that is being ignored all too often. How many of these enterprise … Continue reading Are mobile apps truly enterprise-secure?
Our friends at Trend Micro offer a range of free tools, apps and widgets to protect your devices and help you manage your online activity. You can check them out and download them for free on our Security Tools, Apps, and Widgets Page.
After the last zero day exploit on Java we reported some weeks ago it appears that a new 0day has been found in Internet Explorer by the same authors that created the Java one. Yesterday, Eric Romang reported the findings of a new exploit code on the same server that the Java 0day was found some … Continue reading New Internet Explorer zero day being exploited in the wild
Web applications – particularly those facilitating collaboration and communication – are a boon to sales, marketing and productivity. Teams work together more effectively, salespeople enjoy better leads and marketing tools and customer service reps can more closely connect with those they serve. All of these gains, though, come at a cost: risk. By their very … Continue reading Beware the wild west of Web applications