What’s the over/under on this one working?
Mac users – this means XProtect won’t block it in your web browser, so if you don’t want it active be careful.
Everyone is all fired up that the APT is now targeting major media companies. Rich covered that in yesterday’s post, and now it seems the Wall Street Journal was also targeted by similar tactics
Twitter announced this evening that some 250k user accounts were compromised.
This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for…
Plan. Build. Run.
It’s a pretty straightforward process. One of those things that is so simple we rarely need to even call it out. We tend to structure our research this way, even if we use different terms that are more consistent with the context at hand.
We talk a lot about Big Data Security, and over the next couple years we will talk about it a lot more. But I think articles like Big Goals for Big Data are a bit misleading.
A must-read reported by the Times itself:
For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.
It’s the end of January, which means my favorite day of the year is coming up. Yup, Super Bowl Sunday. It’s a huge bummer that the Falcons couldn’t close it out in the NFC Championship, but it was a great season nonetheless. But now on to the important stuff. We will be hosting our 8th Super Bowl party, and we get pretty festive. After this many years we have it down to a system. Pretty much.
See update at the bottom
TechHive’s piece on the new iOS 6.1 jailbreak.
Only works on the pre-A5 processors, which means the iPhone 4S and iPad 2 and later are safe. The device must be connected to a computer for it to work.
This post delves into why companies are looking at new Identity and Access Management technologies for cloud deployments. Cloud computing poses (sometimes subtly) different challenges and requires rethinking IAM deployments. The following use cases are the principal motivators listed by organizations moving existing applications to the cloud – both internal or external deployments – along with how they integrate with third party cloud services.
Rapid7 has announced that the UPnP (Universal Plug and Play) service is vulnerable to remote code injection. Because this code is deployed in millions of devices – that’s the ‘Universal’ part – there are a freakishly large number of people vulnerable to this simple attack. From The H Security: