Wearables in the Workplace, Get the Policy Right Today

Do your workplace policies cover wearable devices? Many commercial and Government facilities ban cameras and cellular phones with cameras, but having such policies and not enforcing them can hurt you in the wake of a successful attack. If you routinely ignore a security policy and someone violates it, then you may be left holding the bag — I’ve…

Details

Target Hires Its First CISO

Target hired former General Motors executive Brad Maiorino as its first chief information security officer (CISO), the retail giant said. As the company’s new—and first—CISO, Maiorino will be responsible for Target’s information security and technology risk strategy. Maiorino is expected to begin his new role as CISO and senior vice president June 16. He will…

Details

Twitter Fixes Cross-Site Scripting Flaw in TweetDeck

Twitter fixed a cross-site scripting flaw in its popular TweetDeck application Wednesday, after millions of users were hit with a malicious script targeting the vulnerability. The vulnerability allowed anyone to place a script in a tweet. Once the tweet appeared inside TweetDeck, the code could execute actions and be automatically re-tweeted to other accounts. The…

Details

New OpenSSL Man-in-the-Middle Vulnerability Revealed

There is a new exploit in OpenSSL that can allow a man-in-the-middle (MITM) to intercept and decrypt traffic and modify traffic between the vulnerable client and server, according to an OpenSSL advisory. The attack can only be performed between a vulnerable client and server. According to the advisory, all OpenSSL clients are vulnerable where servers…

Details

6 Tips to Avoid Scammers on LinkedIn

LinkedIn announced in April that it had surpassed 300 million users. While LinkedIn has become a valuable networking tool and even somewhat of a useable social networking platform, especially its Groups, like all such platforms it attracts unsavory types. As of today there are actually 348,553,337 LinkedIn “accounts.”  I can tell because I get several…

Details

Gameover Zeus and Cryptolocker Botnets Shut Down! But Wait, Are they Really?

The US department of Justice has announced with not just a touch of self congratulations that they have taken down the Gameover Zeus and Cryptolocker botnets. The Gameover Zeus malware intercepted the bank account numbers and passwords that unwitting victims typed into computers into the US which were then used to empty their accounts. In…

Details