Posted on June 29, 2009 by datasecurityblog
30 minutes each week on data security, privacy, and the law…. (plus or minus five)
On this week’s program:
Web drive-by download attacks have hit the users of the DenverPost.com . Attacks in progress.
Drive-by downloads are the fastest growing area of cyber attacks. A new tool alerts you before you get hit.
–>NEW! Stream This Week’s Show with [...]
Filed under: Breach, Court Cases, Podcast, Vulnerabilities, darkweb, web server security | Tagged: darkweb, web application security, TJMaxx, Denver Post | Leave a Comment »
Posted on June 27, 2009 by datasecurityblog
Web Blacklisting reports are coming in that late Saturday night, Pacific Time, that parts of the Denver Post newspaper site is getting blacklisted due to web-based drive-by downloads.
Web anti-malware company Dasient is reported that extras.denverpost.com (WARNING: MAY NOT BE SAFE…DO NOT GO TO THIS SITE WITHOUT STRONG LAYERS OF SECURITY) has 26 pages infected pages. [...]
Filed under: Breach, Vulnerabilities, darkweb, web server security | Tagged: darkweb, Drive-by download, web application security, Denver Post | Leave a Comment »
Posted on June 24, 2009 by datasecurityblog
Large US retailer TJMaxx today announced that it has settled with a multi-state group of 41 Attorneys General, resolving the States’ investigations relating to the criminal intrusions into TJMaxx’s computer system announced by TJMaxx [...]
Filed under: Annoucements, Breach, Legislation, Vulnerabilities, criminal forensics, darkweb, ediscovery, web server security | Tagged: darkweb, endpoints, ediscovery, PCI, web application security, TJMaxx | Leave a Comment »
Posted on June 22, 2009 by datasecurityblog
30 minutes each week on data security, privacy, and the law…. (plus or minus five)
On this week’s program:
The vast majority of malware infected web sites are legitimate sites that have been secretly hijacked. How would you know if your site was on that list?
Your GPS can now tell you where red light cameras, photo radar [...]
Filed under: Breach, Legislation, Podcast, Vulnerabilities, darkweb, ediscovery, web server security | Tagged: darkweb, endpoints, Drive-by download, Apple, PCI, GPS, XSS, web application security | 2 Comments »
Posted on June 14, 2009 by datasecurityblog
30 minutes each week on data security, privacy, and the law…. (plus or minus five)
On this week’s program:
Is Al-Qaida getting funding by stealing minutes from business phone systems?
$10,000 was paid out to the security researchers that uncovered the flaws in StrongWebMail. Could your email be vulnerable to that same attack? A conversation with StrongWebMail’s top [...]
Filed under: Breach, Business Continuity, Court Cases, Exclusive, Podcast, Vulnerabilities, criminal forensics, darkweb, ediscovery, web server security | Tagged: darkweb, ediscovery, web application security, HIPAA, EFF, StrongWebMail | Leave a Comment »
Posted on June 7, 2009 by datasecurityblog
StrongWebMail has received publicity for the $10,000 bounty that the company’s chief executive offered if someone could break into his web mail account.The executive, Darren Berkovitz, posted his StrongWebMail username and password on the company web site.
IDG is reporting that three information security professionals are now claiming that they were able to pwn (“own”) Mr. [...]
Filed under: Breach, Exclusive, eMail Security, web server security | Tagged: email, Smart Cards, two factor, vascular biometric, web application security, XSS | Leave a Comment »
Posted on June 1, 2009 by datasecurityblog
The Data Security Podcast is the place for 30 minutes of news every week on data security, privacy, and the law.
This weeks program – Polymorphic drive-by download attack targets tens of thousands of legit business and government web sites. SSL can be used for good or evil, find out how to tell the difference. And, [...]
Filed under: Breach, Podcast, Vulnerabilities, criminal forensics, darkweb, ediscovery, web server security | Tagged: BlackBerry, Brenno de Winter, darkweb, DefCon, ediscovery, EFF, endpoints, iPhone, Mifare, MIT Students, web application security | Leave a Comment »
