While this is not unusual it is still worth reiterating. A web server at the Paul F. Glenn Center for the Biology of Aging at Stanford hosted malware for months, undetected. The malware started by installing a web shell onto the web server. This shell was able to do a number of things including upload […]
Continue reading → [DISPLAY_ACURAX_ICONS]An unprotected database containing 10 million vehicle identification numbers or VINs has been discovered on the Internet. That database also included make and model information, sales gross, monthly payment, customer name, address, phone, email, birth date and many other fields. But here is the interesting part. Even though that researchers discovered the unprotected database 137 […]
Continue reading → [DISPLAY_ACURAX_ICONS]Back in April, General Kelly, Secretary of the Department of Homeland Security, in Congressional hearings said that non-citizens might be detained or denied entry to the US if they didn’t let Homeland Security rummage through their electronic devices and maybe even make copies of them at the border. He seemed to indicate that this wasn’t […]
Continue reading → [DISPLAY_ACURAX_ICONS]As if Yahoo didn’t have enough trouble, it apparently was using a third party software library called ImageMagick which had a serious security bug in it. The library which is used to manipulate images is very widely used. Or at least, it was. Some people say that it has not aged well. Security researcher Chris […]
Continue reading → [DISPLAY_ACURAX_ICONS]Onelogin, a cloud based identity and access manager, reported being hacked on May 30th. This is the challenge with cloud based IDaaS managers. WARNING: Normally I try to make my posts non-techie. I failed at this one. Sorry! If the post stops making sense, then just stop reading. I promise that tomorrow’s post, whatever it is, will […]
Continue reading → [DISPLAY_ACURAX_ICONS]In 2013 Booz employee and NSA contractor Edward Snowden flew to Hong Kong after leaking huge quantities of highly classified NSA documents, proving that even the NSA is challenged to keep secrets under wraps. Those documents are still being dribbled out today. Earlier this year, when the FBI was trying to track down the Shadow […]
Continue reading → [DISPLAY_ACURAX_ICONS]