What do you think of when you see this little guy on a webpage:
You’re probably thinking something along the lines of “it means the page is secure”. The more tech savvy among you may suggest that it means HTTPS has been used to encrypt the content in transit.
The problem is that it doesn’t mean anything of the kind. In fact it had absolutely nothing to do with website security. And therein lies the problem – the padlock lies to us, it implies things that it is not and it’s downright misleading.
Excellent post, read more at troyhunt.com
What’s JailbreakMe? It’s an easy way to jailbreak an Apple iOS device using a PDF (related) vulnerability.
It’s done with a “drive-by” style exploit.
All somebody needs to jailbreak their (newer) iPad/iPhone/iPod is to visit jailbreakme.com and to touch the free/install button. The German Federal Office for Information Security has issued a warning about this. They’re concerned about the potential for targeted malicious attacks using trojanized versions of the JailbreakMe exploit.
Election fraud and accusations of rigged voting might be as old as US election systems themselves, but some may wonder, if a hacker can gain access to the election voting system, how secure are elections anyway?
The AntiSec movement is definitely rolling along, but Anonymous is pointing to a recent hack that could raise some serious questions over the integrity of voting in Florida. It seems that a hacker who uses Twitter obtained parts of the Florida voting database which has been subsequently posted to Paste2. It appears that the hacker in question wanted to show that voting fraud can easily happen today and dumped parts of the Florida database to prove it.
The NHS has signed a deal with Zscaler – a cloud-based security and bandwidth management company.
A document seen by IT Pro detailed a Zscaler webinar stating the NHS was a customer, even though no formal announcement has been made.
Zscaler’s product offering sends all customer traffic through the cloud, analyses it and then allows organisations to add policies on both security and bandwidth management.
No further details on the contract have been officially released.
Its key protection areas include email, web security and data loss prevention. The last area will be important for the NHS, which has seen data leave its premises and go missing numerous times.
This is an old post but it keeps happening along the years.
Despite high-profile security breaches such as Jack Straw’s Hotmail account being compromised, and cybercriminals gaining access to celebrity Twitter accounts after cracking an administrator password, a third of computer users are still using the same password for every website they access according to newly revealed stats* from Sophos.
Very few computer users seem to have woken up to the risks of using weak passwords and the same ones for every site they visit. With social networking and other internet accounts now even more popular, there’s plenty on offer for hackers and by using the same password to access Facebook, Amazon and your online bank account, you’re making it much easier for them.
Recent news: 26,000 sex website passwords exposed by LulzSec