Pierluigi Paganini, a fellow security blogger in Italy, wrote about a situation with Vodaphone where a Vodaphone employee rumaged through a journalist’s texts and phone calls to try and find the source of a story that the journalist wrote which was critical of Vodaphone’s security. The journalist, Natalie O’Brien, pictured above, described it as “creepy […]
Continue reading → [DISPLAY_ACURAX_ICONS]After the Ashley Madison breach, everyone sighed a breath of relief because the passwords were encrypted with bcrypt. Bcrypt, as used by Ashley Madison, hashed the password 4,096 times. That calculation meant that even with fast computers it would take centuries to crack all of them. Until a group of hobbyists – yes hobbyists, not professional […]
Continue reading → [DISPLAY_ACURAX_ICONS]As researchers continue to review the data dumps from the Ashley Madison breach, there are lessons to be learned from what has been found. While Ashley Madison claimed to have good security, the evidence does not support that. For example, the VPN password from the Internet to their servers was Pass1234, according to one article […]
Continue reading → [DISPLAY_ACURAX_ICONS]Cancer Care Group, an Indianapolis based Oncology practice learned a lesson the hard way. They allowed an employee to have an unencrypted laptop and a server in his car, from which both computers were stolen. They discovered that the computers contained protected health information – social security numbers and insurance data for 55,000 patients. The […]
Continue reading → [DISPLAY_ACURAX_ICONS]Price Waterhouse surveyed 500 business executives, law enforcement services and government agencies and here are some of the results: 28 percent say that their security leaders make NO presentations to the board ever 26 percent say that their boards receive a single security presentation per year. Neither of these answers warms my heart, but they […]
Continue reading → [DISPLAY_ACURAX_ICONS]Skyhigh Networks, a cloud security product vendor, did an analysis of data from government employees on cloud service usage. They say that the average public sector organization uses 742 cloud services, of which 60 are sanctioned. That means that typical organization uses 682 services that no one has looked at the security of – or […]
Continue reading → [DISPLAY_ACURAX_ICONS]