- The Washington Post website has been hit with a double security breach. Hackers have made off with around 1.3 million user IDs and email addresses from (continue reading...)
- A good web application security environment is one that balances security with convenience. Nothing more and nothing less; (continue reading...)
- One of the things I’ve learned throughout my career is that many solutions to the problems we face in IT, security and software development (continue reading...)
- As I wrote in (continue reading...)
- With Sony, Epsilon and even Barracuda Networks (a security company) dominating the news cycle when it comes to data breaches, it makes you wonder: if it can happen to them, can it happen to my (continue reading...)
- Introduction
On April 11th 2011, at nine in the evening, Barracuda Networks posted a grim entry on their blog. (continue reading...)
- The 2011 Verizon Data Breach Investigations Report is out. Yeah, yeah, yeah – yet another report telling us what a bad state of security we’re in (continue reading...)
- Regulatory ‘compliance’ – it’s a dirty word in business today. Perhaps that’s because we’re being force-fed more and more rules that various governing bodies believe (continue reading...)
- Introduction
On 27th March 2011 a message was posted on the popular Full Disclosure mailing list exposing a recent hack against the website mysql.com. This vulnerability was apparently also reported by a hacker called TinKode, who (continue reading...)
- Six days ago, Barracuda Networks, a major player in the information security space, experienced a breach via its public-facing web site, which compromised sensitive company data. It is important to note that the attack took place during (continue reading...)
- Most CSOs go to great lengths to develop iron-clad security policies, implement the most cutting-edge solutions and partner with the right integrators and security solutions providers to make sure that their most precious assets are (continue reading...)
- Would you want to rely on a home inspector’s analysis of just the outside of a new home you’re considering (continue reading...)
- Cross Site Scripting (XSS) attacks are amongst the most common types of attacks against web applications. XSS attacks all fall under the same category; however, a more detailed look at the techniques employed during XSS (continue reading...)
- Hackers are constantly experimenting with (continue reading...)
- Attending a recent meeting I heard one of the speakers say “You can’t change what you tolerate.” Apparently it’s a quote from Cesar Millan (the dog whisperer) (continue reading...)
- Without a doubt, the annual RSA conference is the premier gathering of key security leaders from both industry and government. It is what I like to call “The Greatest (Security) Show on Earth.” From vendors (continue reading...)
- Typically when we think of Web security testing vulnerabilities such as SQL injection, cross-site scripting and (continue reading...)
- One of the bigger data breach stories dominating the headlines as we head into RSA 2011 is the NASDAQ breach. While this is considered a “high-profile” breach, the real, behind-the-scenes story is that the (continue reading...)
- It’s pretty hard these days to do a Google News search on the topic of “application security” and not run into hundreds of stories about cloud security. As the RSA 2011 news cycle starts to (continue reading...)
- Are you a software developer? If so, I don’t envy you. Of all the possible positions working in and around IT, you’ve arguably got the toughest one. I’ve witnessed it over the years while performing (continue reading...)