We spent a good amount of time in the cybersecurity forum today talking about the Equifax breach. Here’s a summary of some of their key failures, reported by Josh Fruhlinger and based on A U.S. General Accounting Office’s report, and an in-depth analysis from Bloomberg Businessweek. Here are just two of the findings, as reported by Fruhlinger:…
Category: Commentaries and Analyses
Mum ‘realises any fingerprint can unlock her Samsung’ with eBay screen protector
Shivali Best reports: A mum in West Yorkshire says she was shocked to discover any fingerprint could unlock her Samsung smartphone after she’d fitted a £2.70 screen protector . Lisa Neilson, 34, from Castleford, bought the cover from eBay in the hopes of protecting her Galaxy S10 smartphone. However, once she’d set up her right and left thumb prints to unlock the smartphone,…
ANNOUNCE: Trying to build your resume as an ethical researcher and whitehat? Now there’s some help for you.
I won’t have much time to update news over the next few days while I am in Washington DC for the Privacy and Security Forum, but I just couldn’t wait until I got back to share what I hope is encouraging news for some of you. I know that there are a number of young…
When Test Data is Not Test Data
Jeremiah Fowler of Security Discovery tackles a common problem researchers and journalists experience all too frequently: There is a growing trend among organizations and companies to simply deny that live production data is real. As a security researcher I often hear that everyone is a small start-up and all data is test data, or it…
Imperva blames data breach on stolen AWS API key
Catalin Cimpanu reports: Cyber-security firm Imperva published today a detailed post-mortem report of a security breach the company disclosed two months ago, in August. The company blamed the security breach on an Amazon Web Services (AWS) API key a hacker stole from an internal system that was left accessible from the internet. Read more on ZDNet.
Hook, line and sinker: How I fell victim to phishing attacks – again and again
Charlie Osborne bravely discloses all the ways she fell for phishing attacks — even though she is clearly more knowledgeable and sophisticated than the average person. And if it can happen to her, it can happen to you. Or worse, me. 🙂 Read her article on ZDNet.