Google gives 7 days to vendors to patch 0-days! Sounds like a tight deadline from Google.
Update 07-Jun-13:
Google increases the bounty for the bugs found on their own systems!
2013-05-31
2013-05-28
2013-05-27
Sky news apps defaced!
Update 27-May-2013
Hackers break into Android apps of a Sky News??!!! Looking for some more details here.
Update 28-May-2013
This explains the matter better.
Hackers break into Android apps of a Sky News??!!! Looking for some more details here.
Update 28-May-2013
This explains the matter better.
2013-05-22
Skype (for)gets end-to-end encryption
There used to be a time when a new (but only) player on the web, had the capability of providing end-to-end (peer-to-peer) encryption. Since Microsoft took it over, looks like privacy is going down the drain.
2013-05-20
2013-05-14
Pen Testing Tutorials
PenTesterLab.com: Looks like a place for interesting, hands-on tutorials. Not too many exercises available for now, but got a few good ones like - Linux Server Hardening, Website Vulnerability review, etc.
2013-05-12
What do employees think about security?
- half of sales-focused employees say their job is hindered because they aren’t getting access to all the information they need
- an alarming 46% avoided the possibility of losing a sales opportunity by bypassing security controls to access necessary sensitive information to get the job done
Full Article
2013-05-11
Card Industry's $45M Fraud
We have a new case where the thieves walked away with $45 million!
It's a known fact that the so-called PCI standard is poor and outdated. The question is when will the industry wake up and either create a new baseline standard?
Or maybe this is a good opportunity to fill this gap today and roll out a new standard.
Here's a high level summary of the heist!
It's a known fact that the so-called PCI standard is poor and outdated. The question is when will the industry wake up and either create a new baseline standard?
Or maybe this is a good opportunity to fill this gap today and roll out a new standard.
Here's a high level summary of the heist!
Name.com Breached
A domain registrar breached, and then forces customers to reset their passwords. Such attacks are always critical, and almost out of the hands of the poor owners of the websites.
India's Cyber Policy
India (finally) works on a cyber security policy/framework. Much needed, but I'm still waiting to see the actual document.
Update 17-Sep-13:
A very good article around India's position for IT Sec and the challenges.
Update 17-Sep-13:
A very good article around India's position for IT Sec and the challenges.
2013-05-07
AutoIt Malwares
AutoIt, which is a Windows scrpting language is now popularly being used to create malwares. In fact there is some really good code on Pastebin up for grabs!
OpUSA
Update 07-May:
Anonymous' threat to attack a huge number of American banks today (7th)
Update 13-May:
Looks like the event wasn't a big success. A few low profile hacks is all they got.
Anonymous' threat to attack a huge number of American banks today (7th)
Update 13-May:
Looks like the event wasn't a big success. A few low profile hacks is all they got.
2013-05-02
Elements of a successful security awareness program
The 7 elements to make your organization's program a success.
Google Glass Bug!
Okay, we now have a cutting edge tool, to keep humans always 'connected', making sc-fi cyborgs a reality. Anyway, this Google brainchild is now available to a limited set of developers, and one of them has a detailed analysis of it.
The concerns with this new technology are probably more than the benefits for now. Here's one article on it.
The concerns with this new technology are probably more than the benefits for now. Here's one article on it.
Subscribe to:
Posts (Atom)