Some advice from Bob, arrest made in the heartbleed attack on the Canadian Revenue Agency; Heartbleed used to bypass 2 factor controls,;Mandiant’s 2014 M-Trends report; The economics of security controls; 3 million credit cards stolen from Michaels and Aaron’s stores; Hardward company Lacie has a year long data breach.
Coke loses 55 laptops and 56000 records over 7 years; Private cyber espionage network in India; Review of the Shell_Crew hack using Adobe Cold Fusion exploit; Should we punish employees who fall for phishing emails?; Assuming your network has been hacked; more details on the Target breach are emerging.
Cause of recent DOE breach revealed to be outdated Coldfusion; 30% of adults willingly open emails they know are malicious; Spear phishing led to successful attacks on the nyt and twitter; DNS attack types
Cause of recent DOE breach revealed to be outdated Coldfusion: http://www.informationweek.com/security/attacks/energy-dept-hack-details-emerge/240160685
30% of adults willingly open emails they know are malicious: http://www.csoonline.com/article/738869/social-engineering-study-finds-americans-willingly-open-malicious-emails?page=1
Spear phishing led to successful attacks on the nyt and twitter: http://www.networkworld.com/news/2013/082813-spear-phishing-led-to-dns-273297.html?page=1
DNS attack types: http://images.infoworld.com/d/security/3-types-of-dns-attacks-and-how-deal-them-225826
Adobe warns customers of a Cold Fusion 0day, Washing courts owned by that 0day, web servers found compromised with the Cdorked/Darkleech, critical vulnerability in Nginx, Anonymous’ opUSA turned out to be a bunch of nothing, too many admins is bad for security, Name.com gets compromised, The Onion’s twitter feed is compromise by the SEA, slippery slope of BYOD and Google’s plans for authentication.