
OWASP Top 10 For Developers
Troy Hunt wrote a great series on the OWASP Top 10 for developers. This series is a few years old, but still completely relevant since
Two hackers, going by ‘gyx’ and ‘Porphyry’, have released what they are calling Prison Locker, a toolkit for customizing your own ransomware. They are apparently selling
LinkedIn is ripe with information about people. In a targeted attack, Facebook and LinkedIn would probably be the two places to start gathering information. Many
This is related to our initial post about the PHP.net attack and whether or not the source code was compromised. According to this article, “One
Source – http://nakedsecurity.sophos.com/2013/12/17/are-the-websites-youre-using-tracking-what-you-type/ Backspacing, the select all/delete, hitting cancel or whatever it takes to avoid telling the world whatever it was that you typed may have
Source: http://threatpost.com/poor-patching-communication-facilitated-july-dept-of-energy-breach/103200 The U.S. Department of Energy describes what led to the July breach. Failures around vulnerability management, access controls and a general lack of communication
Source: http://threatpost.com/two-missing-insurance-laptops-may-impact-800k-people/103202 Someone broke into the offices of Horizon Blue Cross Blue Shield of New Jersey and stole two laptops that contained the sensitive information of more
Source: http://news.cnet.com/8301-1009_3-57616054-83/target-investigating-massive-black-friday-data-breach-report/ Everyone will be attacked, and many will be breached. Have you taken steps to protect your organization or made plans for how to react
Do you have policies in place to protect your client’s data? Do you verify that your employees are following those policies? It was reported that