You are viewing 'password security'
It’s hard for me to get enthusiastic about predictions. Let’s face it, anyone at the end of 2014 could have predicted that in 2015 there would have been mega data breaches, such as those that hit the Office of Personnel Management and Ashley Madison. And in the year ahead, there will be a number of major breaches, shocking vulnerabilities, and surprising gaffes at the hands of the IT department at a number of enterprises and government agencies.
That said, it’s important that security teams always keep an eye on the major trends in the industry so that they can adjust their programs accordingly. With that in mind, here are a handful of key things we can expect to see in 2016 and likely beyond:
Citizen developers increase enterprise data risks
If enterprise application security teams think that they have a challenge now regarding keeping applications secure as they’re developed, deployed, and maintained in production,... read more >
AppSec USA 2015 Follow Up
This blog is a continuation of the AppSec USA 2015 blog, “Web Application Testing with Python” and “Web Application Testing with Python – Part 2”. To follow along, please download the virtual machine and scripts that I’ll cover in this series of blogs (the files are posted on an OWASP-controlled Google Drive. See Resources below for the full URL).
In the previous blog post, “Web Application Testing with Python – Part 2”, we wrote two scripts to attack the login form of our vulnerable application in order to enumerate valid users. In this blog, we’ll continue attacking... read more >
NCSAM Week 3: Connected Communities and Families
Week 3 of National Cyber Security Awareness Month (NCSAM) focuses on “Connected Communities and Families: Staying Protected While We Are Always Connected”. This week really resonates with me as a first time mom. How will we stay safe and secure in this ever changing digital world? How will I be able to protect my child from cybercrime, cyberbullying, etc.? When do I need to start teaching my child about cyber issues?
I thought these questions and worries were a concern of the distant future - when my child is old enough to use devices. I quickly am finding out that this is not the case.
Surprisingly, a hot cyber topic among other first time moms is baby monitors. The scariest part is the real life stories about baby monitors getting hacked. There are instances of hackers... read more >
Reminders of Important Cybersecurity Basics
During this first week of National Cyber Security Awareness Month (NCSAM), the theme is STOP. THINK. CONNECT.™ This year marks the fifth anniversary of this global cybersecurity awareness campaign to help all digital citizens stay safer and more secure online. A coalition of private companies, non-profits and government organizations, with leadership provided by the National Cyber Security Alliance (NCSA) and the Anti-Phishing Working Group (APWG), developed STOP. THINK. CONNECT. to provide a unified message for online safety. The STOP. THINK. CONNECT. website contains a large number of resources targeted toward different groups, from kids to senior citizens, businesspersons to business owners, to help everyone become more... read more >
The first known, reported account of hacking in professional sports
One Major League team hacked another one for competitive gain? Say it ain’t so, Joe.
Teams have often tried to steal the other team’s signs during a game to predict a play or a pitch. This has been part of baseball since its earliest days. Now, it seems that a team may have taken it to a new level. Corporate espionage may now be part of our national pastime.
It looks as if the first known instance of one professional sports team hacking another has been reported. According to a NY Times report, the St. Louis Cardinals are facing an F.B.I. inquiry due to the alleged hacking of the Houston Astros.
On June 16, 2015, the NY Times reported: Investigators have uncovered evidence that Cardinals officials broke into a network of the Houston Astros that housed special databases the team had built,... read more >