7 Lessons We Should Take Away from the Drupal SQL Injection Flaw

What’s the Deal with Drupal? Another month, another apocalypse-summoning security catastrophe – and October was no different. Just over two weeks ago, the security team behind Drupal’s free and open-source CMS released an ominous security advisory that shocked many in the security industry. The advisory, SA-CORE-2014-005, informed users that an SQL injection flaw in all

Read More »

IoT-Hacking Horror Stories: Screaming at Babies & Jamming the Roads

In the ‘wonderful world’ of the Internet of Things, two interesting stories – one about hacking traffic systems and another about attackers screaming at babies in their cribs – have recently popped up that should make us stop and think about its current state of security.  Taking It To The Streets In the first story,

Read More »

You’ve Got a Breach: AOL Investigating After Spoofing Incident

If you just couldn’t get enough of changing your passwords after the Heartbleed fiasco and still keep an active AOL account, you’re in luck. The company announced on Monday that it is further investigating a security incident after a “significant” number of user accounts were found to have been compromised, with AOL estimating around 2%

Read More »

Hackers Already Exploiting Microsoft IE Zero Day ​in Federal, Financial Orgs.

Hackers are already busy at work exploiting a just-discovered zero-day security flaw in Microsoft’s Internet Explorer, posing a serious risk to up to 56% of the world browser market. The vulnerability was found in all versions of the browser and as of today, “limited, targeted attacks” have been leveraged against IE versions 9, 10, and

Read More »

Top 5 in Security: Weekly Update

From snooping drones and leaky apps to more hijack-able connected devices, these are your week’s top 5 security stories.  6 Months Later, Angry Birds Still Spilling Personal Info Rovio, the gaming company behind the mobile hit Angry Birds, has apparently continued its relationship with the ad platform believed to have been hacked into repeatedly by

Read More »