SecurIT360 Blog

In-depth IT and cybersecurity news and education

Research|Computer & Network Security>Vulnerabilities

OWASP Top 10 For Developers

Troy Hunt wrote a great series on the OWASP top 10 for developers.  This series is a few  years old, but still completely relevant since

Computer & Network Security>Malware|Computer & Network Security>Viruses

Hackers announce ramsomware toolkit

Two hackers, going by ‘gyx’ and ‘Porphyry’, have released what they are calling Prison Locker, a toolkit for customizing your own ramsomware.  They are apparently selling

Information Security|Computer & Network Security>Malware

Who was affected by the php.net attack?

This is related to our initial post about the PHP.net attack and whether or not the source code was compromised.  According to this article, “One

Information Security|Compliance>Privacy|Social Engineering|Computer & Network Security>Vulnerabilities

Are the websites you’re using tracking what you type?

Source – http://nakedsecurity.sophos.com/2013/12/17/are-the-websites-youre-using-tracking-what-you-type/ Backspacing, the select all/delete, hitting cancel or whatever it takes to avoid telling the world whatever it was that you typed may have

Compliance|Information Security>Data Breach|Computer & Network Security>Patches|Computer & Network Security>Vulnerabilities

Poor Patching, Communication Facilitated July Dept. of Energy Breach

Source: http://threatpost.com/poor-patching-communication-facilitated-july-dept-of-energy-breach/103200 The U.S. Department of Energy is describes what lead to July breach Failures around vulnerability management, access controls and a general lack of communication

Information Security>Asset Management|Information Security>Data Breach|Compliance>Encryption|Compliance>Privacy

Two Missing BCBS laptops may impact 800k people

Source: http://threatpost.com/two-missing-insurance-laptops-may-impact-800k-people/103202 Someone broke into the offices of Horizon Blue Cross Blue Shield of New Jersey and stole two laptops that contained the sensitive information of more

Information Security>Data Breach|Compliance>PCI|Compliance>Privacy|Computer & Network Security>Vulnerabilities

Target Stores said have data breach of over 40 million customers

Source: http://news.cnet.com/8301-1009_3-57616054-83/target-investigating-massive-black-friday-data-breach-report/ Everyone will be attacked, and many will be breached.  Have you taken steps to protect your organization or made plans for how to react

Information Security>Asset Management|Computer & Network Security|Information Security>Data Breach|Compliance>Encryption|Compliance>HIPPA

Missing Thumb Drive Compromises User Data

Do you have policies in place to protect your client’s data?  Do you verify that your employees are following those policies?  It was reported that