Worldwide LocationsActivIdentity Blog
« Back to Blog HomepageSecurity Hacks – Industry News Wrap-up – ActivIdentity Blog
Sep 23, 2011 2:17pm | 0 Comment
Why hackers don't need to be smart Roger A. Grimes refutes the claim that malicious hacking has become more sophisticated than ever by pointing out that the same tools are being used to exploit companies’ websites. Grimes claims that businesses and end-users simply aren’t taking the necessary steps to protect themselves, which increases the vulnerability for application exploits and SQL injection – two of the most common methods of compromise.
Firm sends bots into chats to solicit stolen data
What happens once your data is stolen? Online banking credentials, Social Security numbers and the like sometimes end up in underground networks – chat rooms and invitation-only forums – to be bought and sold. Bloomberg’s Michael Riley reports on “robot informants,” or “chat bots,” based on artificial-intelligence software designed to pose as hackers during these potential transactions and solicit stolen data.
Microsoft fixes SSL 'kill switch' blooper
Recent security breaches have prompted the removal of root certificates from multiple corporations in order to protect themselves from potential attacks in the future. ”SSL certificates are used by websites and browsers to identify a site as legitimate” and once the integrity of a website has been compromised, the possibility of “man-in-the-middle” attacks are likely. Our own Philip Hoyer recently wrote a blog post in which he claims that SSL TLS V1.0 protocol is dead – and the only way to protect transactions until the infrastructure is updated is to utilize OTP and PKI technologies.
Tags: n/a
Post a Comment
All fields are required.
Legal Disclaimer
Some of the individuals posting to this blog website work for ActivIdentity Corporation ("ActivIdentity"). Opinions expressed in the blog postings and in any corresponding comments are the personal opinions of the original authors, not of ActivIdentity. The blog postings are provided for informational purposes only and are not meant to be an endorsement or representation by ActivIdentity or any other party. This blog website is available to the public. ActivIdentity moderates the comments and comments will not be posted until they are approved by the moderator. ActivIdentity does not guarantee that your comments will be posted to this blog website and ActivIdentity may refuse to post any comments in its sole discretion. No information you consider confidential should be posted to this blog website. By posting comments, you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to this blog website. You release ActivIdentity from any liability related to your use of this blog website and the content on this blog website. Your use of this blog website is also subject to the terms and conditions of the ActivIdentity Legal Notice available at http://www.actividentity.com/legal/ (the "Legal Notice"). The blog postings are "materials" and any comments that you post to this blog website are "feedback," each as defined in the Legal Notice.
Some of the individuals posting to this blog website work for ActivIdentity Corporation ("ActivIdentity"). Opinions expressed in the blog postings and in any corresponding comments are the personal opinions of the original authors, not of ActivIdentity. The blog postings are provided for informational purposes only and are not meant to be an endorsement or representation by ActivIdentity or any other party. This blog website is available to the public. ActivIdentity moderates the comments and comments will not be posted until they are approved by the moderator. ActivIdentity does not guarantee that your comments will be posted to this blog website and ActivIdentity may refuse to post any comments in its sole discretion. No information you consider confidential should be posted to this blog website. By posting comments, you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to this blog website. You release ActivIdentity from any liability related to your use of this blog website and the content on this blog website. Your use of this blog website is also subject to the terms and conditions of the ActivIdentity Legal Notice available at http://www.actividentity.com/legal/ (the "Legal Notice"). The blog postings are "materials" and any comments that you post to this blog website are "feedback," each as defined in the Legal Notice.
Subscribe to our RSS FeedSearch Blog
Category
Identity & Access ManagementRecent Posts
Recent Comments
Blogroll
The Forrester Blog For Security & Risk ProfessionalsComputer Weekly: David Lacey's IT Security Blog
Infosecurity Magazine: Security Viewpoint
Pro Security Zone: Editor's Blog
IT Pro
Adventures in Security
ha.ckers.org
Information Security: Security Bytes
Krebs on Security
SC: Data Breach Blog
Schneier on Security
Securosis
GovInfoSecurity.com: The Security Scrutinizer
GCN Tech Blog
Cybersecurity
Gartner Blog Network
Cnet: Insecurity Complex
Computerworld: Security Impact Blog
Computerworld: Security is Sexy
eWeek Security Watch
InformationWeek Security Weblog
Network World: Security Strategies Alert
ZDNet.com: Zero Day
Bank Info Security: Industry Insights
Bank Technology News
CRN Community: Hot Topics
Threatpost: Digital Underground