If we’re measuring it in cyber-drama, it’s certainly a holiday season to remember! The past week saw what is potentially the most damaging data breach of 2013 with over 40 million Target customers at risk of credit fraud. On top of that, a major media site got hit for the third time in the same
Target’s famous bullseye logo attracted some malicious arrows over the holiday shopping season as the national retail chain was the target of a major data breach that may be much more serious than first thought as details emerge. The data breach will potentially affect hundreds of thousands, perhaps millions, of Target customers that shopped in-store
The “blue and white” Facebook logo is arguably the most familiar graphic in today’s cyberspace. Almost one out of every nine people in the world has an active Facebook account. This social media giant definitely makes the world a smaller place, but not without seriously compromising the user’s security and privacy.
The Department of Energy (DOE) has released more details about the July 2013 DOE Employee Data Repository (DOEInfo) incident in which the Personally Identifiable Information (PII) of at least 100,000 past and current federal employees – but possibly as high as 150,000 – was exposed. According to the 28-page review conducted by Gregory H.
In this week’s AppSec digest, NSA agents spy on World of Warcraft Orcs, Facebook acts like a Nosy Nancy, Gmail auto-downloads all your advertise – I mean images, and CryptoLocker copycats emerge. Get informed about the latest news in security and start your week out fresh.
Mobile malware has come a long way in recent years. The latest exploit was exposed this week when the popular “Balloon Pop 2”, played and enjoyed by thousands of Android users, was found to contain malicious code that enabled eavesdropping on WhatsApp conversations. Google has taken the game off its Play Store app market.
19 of the top CISOs and security executives from around the world came together to give their advice on what security teams should be focusing on in the New Year. This week, the Security for Business Innovation Council (SBIC) released an in-depth report expounding on the suggestions. The major industry thought leaders included FedEx CISO and VP
Google spoke out this week after security engineers discovered fake SSL certificates linked to a French government agency earlier this month. On December 3rd, security engineers found that a government agency in France was using unauthorized digital certificates on various Google domains, including Gmail, which allowed the agency to act as a man-in-the-middle of private domains
Some two million accounts on several of the most widely visited social media networks, email providers and websites were just discovered on a server with a bogus IP in the Netherlands. Hackers stole login usernames and passwords for Facebook, LinkedIn, Google, Twitter and various other popular sites.
The ‘Worst Week’ award goes to James Howells, who this week realized he threw away a hard drive with 7,500 Bitcoins worth over $7.5 million in current BTC value. Read about his million-dollar fumble, the still-unfolding Vodafone breach, new NSA snooping and more in this week’s edition of The Week in AppSec.