eBay Data Breach Response – How Not to Handle a Crisis

Posted by:

It Took 3 Months To Notice The Breach

eBay, which was recently hit by a cyber attack that exposed the personal data of up to 233 million registered accounts, is now being investigated by three states — Connecticut, Florida, and Illinois — in a joint probe into the e-commerce giant’s security practices.

eBay’s response to the crisis, which unfolded over the past week, has been criticized as being more embarrassing than the attack itself. It took eBay three months to notice the ...

Read More →
0

cyber-security, Data Breach, Information Security, IT Security

, , , ,

WordPress Cookie Flaw Lets Hackers Hijack Your Account

Posted by:

woodpress cookie flaw

WordPress Users Beware!

Do you own a blog on WordPress.com website? If so, then you should take extra care while signing into your WordPress account when connected to public Wi-Fi, because it can be hacked without your knowledge, even if you have enabled two-factor authentication.

Yan Zhu, a researcher at the Electronic Frontier Foundation (EFF) noticed that the blogs hosted on WordPress are ...

Read More →
0

Cyber Criminals, cyber-security, Information Security, IT Security

, ,

50% Of Security Professionals Do Not Secure Their Mobile Devices

Posted by:

secure mobile devices
If you’re a security professional you have to ask yourself “Why don’t I have my own devices secured?”  Well, you’re not alone.

New research has found that half of security professionals don’t bother to secure data on portable devices.

The findings, uncovered by an iStorage survey which questioned 500 attendees at Infosec 2014, revealed that 50 per cent of security pros don’t bother with security measures or encryption when it ...

Read More →
0

cyber-security, Information Security, IT Security

, ,

The History Of Hacking – Timeline Of Hacking Techniques [Infographic]

Posted by:

cyber security - hacker preventionIf you think hackers get a bad rap, think about this……

The word “hacking” has become synonymous with ill doings and the amount of affected people might be the reason for that. The meanings of hacking are many and most are intended to describe the act of engaging in activities (such as programming or other media) ...

Read More →
0

Cyber Criminals, cyber-security, Information Security

, , ,

Cybersecurity Threats – Don’t Forget Employees

Posted by:

Internal Threats Can Be Your Biggest Threat

The usual focus of cybersecurity efforts on external threats to an organization and its mission overlooks the central, powerful danger the inside threat.
Corporations dont take their internal security as seriously as they should, explains Alex McGeorge, senior security researcher at Florida-based Immunity, a provider of specialized offensive information technologies.

McGeorge goes on to emphasize the importance of protecting a corporation from internal threats, explaining, The attack surface inside ...

Read More →
0

cyber-security, Data Breach, Information Security

, , ,

Enterprise Penetration Testing In The Palm Of Your Hand

Posted by:

Pwnie Express Unveils Next Generation State-of-the-Art Pwn Phone 2014.

pwn phone penetration testingEarlier this week, Pwnie Express revealed the next generation of its  game-changing Pwn Phone, a cutting edge sleek phone that doubles as a powerful penetration testing device making it incredibly easy to evaluate wired, wireless and Bluetooth networks.

The leader in vulnerability assessment and penetration testing devices, the Pwn Phone 2014 is ...

Read More →
0

Cyber Criminals, cyber-security, Information Security

,

SEC Provides Guidance on CyberSecurity Exams

Posted by:

SEC Cybersecurity ExamsIn an April 15, 2014 Risk Alert, the U.S. Securities and Exchange Commission’s Office of Compliance Inspection and Examinations (OCIE) announced that it would conduct examinations of more than 50 registered broker-dealers and registered investment advisers, focusing on areas related to cybersecurity.

The OCIE Alert includes a sample request for information and documents that will be used in the initiative. This sample ...

Read More →
0

cyber-security, Information Security, IT Security

, ,

Is Dropbox Leaking Your Sensitive, Personal Information?

Posted by:

If you’re storing personal information in a cloud service like DropBox or Box, even Google Drive we have to ask, what are you thinking?  If you somehow have been convinced that these are secure platforms for sharing personal information you might think again after reading Graham Cluley’s piece below.

If you are using file-sharing systems like Dropbox and Box without proper care and attention, there is a risk that you could be unwittingly leaking your ...

Read More →
0

Data Breach, Identity Theft, Information Security

Covert Redirect Is Just a Flaw It’s Not Another Heartbleed

Posted by:

covert redirect is no heartbleedBut That Doesn’t Mean Its Not A Problem

On Friday, a PhD student at the Nanyang Technological University in Singapore, Wang Jing, published a report focused on a method of attack called “Covert Redirect,” promoting it as a vulnerability in OAuth 2.0 and OpenID. Yet Jing’s contention of security flaws in OAuth and OpenID has serious flaws of its own, according ...

Read More →
0

cyber-security, Heartbleed, Information Security, IT Security

, , , ,

Microsoft Releases Patch For Zero Day Vulnerability (CVE-2014-1776) Including Patch For XP

Posted by:

LATEST INTERNET EXPLORER ZERO-DAY VULNERABILITY (CVE-2014-1776)IS IT SAFE YET?

Microsoft released a security update for its Internet Explorer browser Thursday to fix a the Zero-Day Vulnerability (CVE 2014-1776) for all versions of Windows including XP. This security update is rated Critical for Internet Explorer 6 (IE 6) thru 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 6 (IE 6) thru Internet Explorer 11 (IE 11) on affected Windows ...

Read More →
0

Cyber Criminals, cyber-security, Internet Explorer Security Flaw, Security Alerts

Page 1 of 2 12
})
SEC Cybersecurity Exams