Facebook launches privacy campaign to protect teens
An posting from Naked Security about Facebook launches privacy campaign to protect teens: Facebook, under pressure to educate teenagers on staying safe on the site, has teamed up with 19 US attorneys general to launch a privacy public awareness campaign.
Facebook and the AGs announced the campaign on Monday during a National Association of Attorneys General (NAAG)-sponsored conference devoted to digital privacy, according to CFOWorld.com.
Teaching teenagers about data privacy is going to be an uphill battle.
Facebook has a tough enough row to hoe when it comes to staying relevant with this demographic, given that many youth today find Facebook flat-out boring.
To read more click here:
Warning! Hackers are exploiting Waco explosion news to spread malware
An posting on Naked Security about Hackers are exploiting Waco explosion news to spread malware : Once again, cybercriminals are leaping at the opportunity to take advantage of breaking news stories to spread malware.
The latest example, coming just days after malware authors exploited interest in the Boston Marathon bombings, concerns the fatal explosion in Waco, Texas, of a fertiliser plant.
Here’s an example of one of the malicious emails intercepted by SophosLabs, with the subject line “CAUGHT ON CAMERA: Fertilizer Plant Explosion Near Waco, Texas”.
To read more click here:
WordPress accounts are under botnet attack
An posting From NBC NEWS in there Technology section: WordPress, a popular blogging platform used by individuals as well as big businesses including UPS and eBay, is the target of a widespread botnet attack.
The vulnerability that allows hackers to get into WordPress accounts and take them over for other purposes: user accounts where the word “admin” is the username. The advice for immediate action: Change admin to a different — and much stronger — username immediately.
Matthew Prince, founder of CloudFlare, a website performance company, says the attack, which started last week, is “significant.”
To read more click here:
Developing Data Classification For Stronger Database Security
An posting from Dark Reading about Developing Data Classification For Stronger Database Security:
Data discovery may be an important early step in developing a sound database security program, but in the end it’s just the first step. Ultimately data security controls have to be driven by the different sorts of risk faced by the various types of data that need protection. And the only way to assess the risks to those different types of data is to classify that data based on priorities that matter to the business. It may not sound like a glamorous task, but data classification provides a critical foundation for managing risk to data both outside and within the database.
“A risk-based approach to security requires an understanding of the value, sensitivity or importance of the information when determining appropriate security controls,” says Andrew Wild, CSO of Qualys. “When most people think of data classification, they envision assigning a classification level to documents, spreadsheets and presentations. However, organizations have a tremendous amount of information stored in database systems, and it is important to ensure this structured data is properly classified as well.”
To read more click here:
Oracle preps 128 security patches; Java gets 42
An posting from Cnet in there security and privacy section : Oracle will release today 128 fixes for security vulnerabilities that affect “hundreds” of its products.The software giant and Java maker said in a pre-release announcement today that four of the patches include fixes for Oracle’s flagship database product, which can be exploited remotely without the need for a username or password. Also, 29 security fixes will arrive for Oracle Fusion Middleware, with 22 of these also for preventing attacks without the need for authentication.Affected components include Oracle HTTP Server, JRockit, WebCenter, and WebLogic. Both Oracle products have a common vulnerability scoring system (CVSS) rating of 10, described as the most severe vulnerability.
To Read more click here:
Researcher rewarded over $30,000 for nailing three Chrome OS security flaws
An posting from Naked Security about Researcher rewarded over $30,000 for nailing three Chrome OS security flaws: Google has patched four flaws – three of them high-risk – in its Chrome operating system and has paid out $31,336 to the researcher who spotted three of them.
The flaws are all found in the O3D plug-in: a Google-crafted plugin used to create interactive 3D graphics applications that run in browser windows or in an XML User Interface (XUL) desktop application.
Updates for Chrome 26 will be pushed out over the next few days, according to a blog post written by Google’s Ben Henry.
To read more click here:
