If you collect data to track children for parents, it's probably a good idea to put a password on the database holding all that tracking data. In today's episode I share a security industry drama around a researcher reporting just such a flaw, but not getting the best response. More importantly, I share resources you could leverage to make sure you don't make the same mistakes … [Read more...]
Jamie Oliver Hacked Again – Daily Security Byte EP.44
There's a lot of InfoSec news today, but I'm most fascinated with that fact that Jamie Olivier's web site has been hijacked yet again. It may provide a perfect example of how not to secure your web site. Check out today's short video for details, and I threw a few extras in the References below. (Episode Runtime: 1:48) Direct YouTube … [Read more...]
Use the Zappos Breach to Renew Your Password Strategy
Last Sunday, Zappos (a popular, Amazon-owned, online shoe reseller) warned its employees and customers that an attacker had gained access to their internal network, and made off with a bunch of sensitive customer information. The good news? The attacker did not gain access to any customer credit card info. The bad news? He or she did steal over 24 million users' names, … [Read more...]