Archive for August, 2009

InfoSec Compendium: August 29th

Saturday, August 29th, 2009

Good morning one and all. Hope your Saturday is going well and you are enjoying friends and family.

Here are today’s InfoSec highlights.

1 – Helpful HIPAA websites when you have to report a violation.

2 – Top 10 Windows Malware.

3 – Facebook to modify Privacy Practices in Canada.

4 – Credit Union warns against fake CD-ROMs.

5 – Some Truth about AV software.

InfoSec Compendium: August 27th

Thursday, August 27th, 2009

Good afternoon everyone. Sorry for the delay between posts but real world issues overwhelmed my time.

Now on to today’s InfoSec highlights.

1 – CISCO WLAN Vulnerability

2 – Wireless WPA encryption cracked in under a minute

3 – Can you trust Free AV Software

4 – Apple’s Snow Leopard includes Anti-virus Software

5 – Analysis of PCI effectiveness

InfoSec Compendium: August 19th

Wednesday, August 19th, 2009

Good morning everyone. Sorry I have not posted in the past few days, but real life has been calling. Today will be a short list of interesting InfoSec posts and blogs. Have a great day!

1 – The Goal of Security

2 – 10 Digits that will change privacy as we know it

3 – 8 Dirty Secrets of IT Security Industry

NFCU Site Unsecure

Friday, August 14th, 2009

I have been a member of NFCU since I joined the US Navy 20 plus years ago. And I hate to say that I have used their site on a daily basis and never once noticed the issue with the home page being unsecure. While the login information is sent secure once you have clicked on the submit button, the page itself is not. Therefore, as Scott Jarkoff states, this site is ripe for a phishing scam.

When I visited the site today after reading the article I noticed a new “Security” link under the logon area. Clicking the link brings up a pop-up window which goes about stating the Home Page is not secured by HTTPS but that the information entered is transmitted securely. Security FAIL!

A user can access a secure NFCU logon site by leaving the logon information blank and clicking the submit button, which drops you on to the expected HTTPS secure log on.

Read the whole post as well as a demand from RSA, which oversees NFCU security.

NFCU Site Unsecure

InfoSec Compendium: August 13th

Thursday, August 13th, 2009

Good evening everyone! Hope your week is coming to a successful close.

Here are some InfoSec posts that I found interesting.

1 – Word Press Password bug

2 – Browser Vulnerability

3 – Hacking a Voting Machine for around 100k

4 – eBay Password Vulnerability prompts change

5 – Navy CIO says cybersecurity is an urgent national issue

And of course the big interview with the CEO of Heartland discussing their security breach.

6 – Heartland CEO answers questions (blames others) about their Security Breach