Entries by fdesir

LinkedIn flips the two-factor authentication switch

A posting from Naked Security on LinkedIn authentication: Happy anniversary of getting the bejeezus hacked out of you, LinkedIn! Maybe the timing is just a coincidence, but the career-toned social networking site got savagely hacked on 5 June 2012. Cybercrooks stole about 6.5 million passwords, over 60% of which were cracked within the span of […]

APT Attacks Trace To India, Researcher Says

A posting from InformationWeek on APT attacks: A multi-year advanced persistent threat (APT) campaign that targeted the government of Pakistan, as well as global businesses operating in mining, automotive, engineering, military and finance sectors, among others, appears to have been run from India. Organizations targeted for industrial espionage were located in numerous countries, including the United […]

3 Lessons From Layered Defense’s Missed Attacks

A posting from Dark Reading in their Vulnerability Management section: Layering security measures typically protects systems better: Research by three University of Michigan graduate students in 2008, for example, found that using multiple antivirus engines results in much better protection than using a single program. Yet, recent analysis by NSS Labs highlights that layering security devices rarely catches all […]

Gathering More Security Data From Your Endpoints

A posting from Dark Reading in their Endpoint Security section: Even though many of the most troublesome and advanced threats hitting enterprise networks originate from the endpoint, most organizations today aren’t investing in the same kind of visibility and control over these devices as they spend on network-based controls. This disparity is leaving organizations with […]

Phishers try flattery with Facebook Page owners

An interesting article in Naked Security on Phishers try flattery with Facebook Page owners: Beware, fanboys and fangirls: phishers are targeting Facebook Page owners with a bogus message supposedly sent from Facebook Security. According to Hoax-Slayer, the scam claims that Facebook is rolling out a new security feature to protect Page owners. This supposed new security feature is dubbed the “Fan […]

Focused Black Hat 2013 Trainings Examine Incident Response, Malware

A posting from Dark Reading in their Security Management section: Verizon’s 2013 DBIR indicates that 40% of breaches involved malware, and rapid analysis often falls to incident responders. Malware Analysis: Black Hat Edition provides a rapid intro to the tools and methodologies of Windows malware analysis. Attendees will learn how to observe malware’s actions through disassembly and debugging, extract host […]

BIOS Bummer: New Malware Can Bypass BIOS Security

A posting from Dark Reading in their Vulnerability and Threat section: As more hardware vendors seek to implement the new NIST 800-155 specification that was designed to make the start-up BIOS firmware on our PCs and laptops more secure, they may need to rethink the security assumptions upon which the standard depends. A trio of researchers from […]