2012-02-29

Google's "We are changing our privacy policy"

I am sure, everyone would have noticed Google's message by now. Of course most of us would not have bothered to read it. However, it is very worrisome what Google's new privacy policy looks like, which goes into effect on 01-Mar-2012!!

Here is a blog, which simplifies the legal jargon for common users.


Update 26-Mar-2012:
Google customers launch class action suit over privacy policy

Microsoft Store in India hacked, user data leaked, passwords stored in plain text

The Microsoft Store India was hacked by Evil Shadow, a team of Chinese hackers, who tagged the site with 'Unsafe system will be baptized.' More embarrassing than the defacement, the hackers breached the database and then leaked usernames and passwords which had been protected with no encryption. That's right, Microsoft which supposedly takes privacy very seriously, had stored passwords as plain text in the Microsoft Store.
Full Story Here!

Update 28-Feb-2012:  This gets worse and worse, now MS admits that the credit card information was also being stored in plain-text, and has been compromised as well. The Microsoft's India store is still unavailable at the time of this post.

2012-02-15

Bangladesh Cyber Army Threats Indian Stock Market

Bangladesh Cyber Army (BCA) has released a video threating to attack the Indian stock markets. On the other hand, three such websites have been down for some time now (maybe it's a coincidence or maybe it is really an attack)
Full story here!

16-Feb-2012:  In retaliation an Indian hacker, by the name of ‘Silent Hacker’ had defaced 30 Bangladeshi government websites.

Nortel repeatedly breached over a decade

Sigh, no wonder the poor guys went bankrupt... Seriously poor management!

Demand for information security professionals remains strong

Only 7% of information security professionals were unemployed at any point during 2011, with nearly 70% reporting a salary increase, and 55% expecting to receive an increase in 2012, according to a survey by non-profit IT security trade group (ISC)².
Full story here!

Foxconn said to have been hacked by group critical of working conditions

Hackers claimed to have stolen internal data from Apple supplier Foxconn, and leaked the information online, in response to media reports of poor working conditions at the electronics manufacturer's factories in China.
Story Here

Google-Motorola Purchase May Help Android

More about this merger

Google Chrome will no longer check for revoked SSL certificates

Sounds like the organization is trying to make the browser faster, but at the cost of security. Not necessarily the smartest decision, even if SSL has been hacked, broken and smashed in the recent past.

2012-02-04

Hungarian hacker gets 30 months for extortion plot on Marriott

Another typical story of a rookie hacker, trying to extort money from an organization (Marriott in this case), but ends up arrested.

German gov't endorses Chrome as most secure browser

Germany's cyber security agency today recommended that Windows 7 users run Google's Chrome browser, citing the application's sandbox and auto-update features.
Full Story.

2012-02-03

Half of Fortune 500 firms infected with DNS Changer

Story here.

VeriSign Also Admits It Was Hacked

02-Feb:  Verisign admitted that it was successfully hacked mutiple times in 2010, but did not disclose it. This just goes on to show, how Businesses still do not believe in responsible (and honest?) disclosures.

15-Feb:  Verisign releases a public statement on their website, which sounds more of PR non-sense, than reality.

E&Y Loses Employees Confidential Data

"Ernst & Young, auditors of Regions Financial Corp., lost personal information on current and former Regions’ employees when a flash drive with the data sent in the mail was stolen."
Full Story