Google Upgrades Their DNS to DNSSEC

A recommendable move by Google.

Role of Auditors

Being in a financial organization, makes audits, integrated in the DNA of every IT professional. The audits varies from internal, external, regulatory, statutory, to what not. So, are these of any value?

Personally, I have a lot of respect for the audit function. Especially the IT Security audit. However, I prefer working with auditors who know their jobs, and try and look for real risk, and are not just mechanical bots trained to match documents to their check-lists.

Here is one article that is in-sync to my thoughts.

Evernote Hacked

All the passwords compromised, but luckily they were properly salted.

Spamhaus' website hit by a 300Gbps DDoS

Update 29-Mar-13:
They say this is the biggest DDoS ever!

Update 09-Jul-13:
Some more details on the DNS flaw.

Update 28-Sep-13:
A 16 year old kid arrested for it!

NIST DB Hacked

Malware hits National Institute of Standards and Technology..!!



Bank of America Loses Confidential (?) Data

BOA had some 14 GB of data stored on a public server, which was misconfigured, and anyone could log on to it. With salary details, source code, and what not.