The latest technologies and best practices to secure local, virtual, cloud, and hybrid networks.
By Nazar Tymoshyk and Stanislav Breslavskyi The growing list of recent red-letter security vulnerabilities—Beast, Heartbleed, Shellshock—was recently extended with a new threat, POODLE. No matter how fluffy your associations with this word are, the term sends shivers down the spine of those who use SSLv3 protocol. POODLE stands for Padding Oracle on Downgraded Legacy Encryption,…
By Erin Lee and Jessica Vartabedian With so much going on in the enterprise security space, it can be hard to keep up with the flow of information and to know where to turn for actionable advice. This list of security experts, selected by eSecurityPlanet, is a good place to start. All are active bloggers…
Heartland Payment Systems recently began notifying approximately 2,200 people that their personal information may have been compromised when 11 password-protected computers were stolen from Heartland’s office in Santa Ana, California. Four of the 11 stolen computers held personally identifiable information (PII), including Social Security numbers and bank account information. The Santa Ana office, formerly Ovation…
Credit cards are not secure. That has been the case for a long time, and it remains the case today. It is why point-of-sale malware has been so popular among hackers and their dark Web customers, and it is why major retailers like Target, Home Depot and Michael’s, and other businesses like Anthem and Adobe…
Chris Roberts has been in the news a lot this week, for all the wrong reasons. Roberts was banned from United Airlines after tweeting on a flight about his theoretical ability to hack into a plane’s WiFi system. FBI agents detained him for an interview after his flight, and there is now a federal advisory…
The Chinese government recently implemented new rules requiring foreign companies that sell computer equipment to Chinese banks to disclose source code, submit to audits and build backdoors into both hardware and software, according to the New York Times. BBC News reports that the U.S. Chamber of Commerce and other groups have responded with a letter…
At Digital Bond‘s S4x15 Conference last week, researcher Corey Thuen warned of significant security flaws in Progressive‘s Snapshot ODB-II port dongle, manufactured by Xirgo Technologies, which the insurance company uses to track customers’ driving habits. Thuen tested the device on his 2013 Toyota Tundra, and found that it operates with no security at all, according…
By Nazar Tymoshyk, SoftServe For developers and end users of today’s software,?security is a matter of mounting concern, regardless of whether it is private or business data that needs protection. Many people view security exclusively in black and white: Either a system is damaged, or it is safe and sound. However, digging a bit deeper…
Norse Corporation researchers are claiming that a group of six people, including at least one former Sony Pictures employee, was behind the recent breach at Sony Pictures Entertainment. The researchers tracked the activities of the former employee, a systems administrator who had an extensive technical background and knowledge of Sony’s systems, on underground forums where…
The cross-browser testing service BrowserStack was recently breached by an attacker who leveraged his access to send an email to users claiming that the service was shutting down. Claiming to come from the BrowserStack team, the hacker’s email to customers stated, “We have no firewalls in place, and our password policies are atrocious. All virtual…