Vulns & Alerts
June 03, 2011 Added by: Headlines
"SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities... From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?"
May 31, 2011 Added by: Kelly Colgan
The proposed bill is nothing more than an outdated, bandwagon approach that creates more red tape for businesses, weakens state law, and overprotects small- to medium-sized companies that suffer data breaches. Bottom line: It offers little meaningful help to the consumer...
May 25, 2011 Added by: Headlines
"It's a huge issue for all types of consumer information that is stored, and it's being heavily targeted by all kinds of breaches. Organized crime either had an employee planted or reached out to an employee and got them in on the hack. We're seeing this more and more..."
May 24, 2011 Added by: Tom Eston
Sony has not confirmed or denied that credit card data was stolen; however, as a customer you should take the following precautions when using a PS3 or any game console, including XBOX Live and Nintendo’s Wii and DS systems...
May 23, 2011 Added by: Headlines
"It is nearly impossible to run a totally secure Web presence, especially when you are the size of Sony. As long as it is popular within the hacker community to expose Sony's flaws, we are likely to continue seeing successful attacks against them..."
May 19, 2011 Added by: Headlines
"The depths they went indicates that this hack wasn't arbitrary... It seems likely to me that Sony got attacked through its web services first, such as the blog, and it opened up the doors to the rest of Sony's servers..."
May 17, 2011 Added by: Ben Kepes
The actions of LastPass have been exemplary – the actual loss in this instance was either non-existent or negligible. Many larger companies would have simply brushed this under the table and perhaps introduced some new security measures under the cloak of a version update...
May 13, 2011 Added by: Headlines
GenVersion.dll is a component used by the WebHMI interface. By passing a specially crafted string to the SetActiveXGUID method, it is possible to overflow a static buffer and execute arbitrary code with the privileges of the logged on user. Users could be lured to malicious sites...
May 05, 2011 Added by: Headlines
To counter the potential threat, LastPass is going to force everyone to change their master passwords. Additionally, they're going to want an indication that you're you, by either ensuring that you're coming from an IP block you've used before or by validating your email address...
May 05, 2011 Added by: Headlines
Initially, Sony representatives did not seek to connect the hacktivist group with the data breach event. That has changed now that forensic investigators have located a file on the hacked PSN systems named "Anonymous" and containing the movement's tagline "We are Legion"...
May 02, 2011 Added by: PCI Guru
Epsilon appears to have caught this breach quickly because they were monitoring their network systems. What this incident points out is that even when you are monitoring your environment, it still takes a while to recognize that a breach is in progress...
April 29, 2011 Added by: David Navetta
Beyond litigation risk, treating personal information in the same manner as property could significantly impact the current quid pro quo of the Internet and how information is collected, used and transferred. It will be interesting to follow this case through the next round of discovery...
April 28, 2011 Added by: Rafal Los
What are PSN gamers/users more worried about? Are PSN gamers more worried about their hard-earned trophies and status on their favorite games, or the fact that their personal information and maybe even their credit cards were pilfered?
April 27, 2011 Added by: Jared Carstensen
What this means for those affected: Your name, date of birth, address, billing address and contact details are most likely not going to change - so this information could be as valuable in a year or two to these criminals, as it is now - potentially even more valuable...
April 26, 2011 Added by: Alexander Rothacker
Is Oracle misleading its database customers during its quarterly Critical Patch Updates (CPUs)? Unfortunately for its customers, Oracle has figured out a way to downplay the severity of its vulnerabilities and water down the Common Vulnerability Scoring System (CVSS) scoring...
April 25, 2011 Added by: Robert Siciliano
These virtual dollars and virtual goods have real value. Virtual currency includes the points customers receive from retailers, merchants, airlines, hotels, and credit card companies through loyalty programs. These points are the second most traded currency on the planet...