Your Passwords Were Stolen: What’s Your Plan?

Posted by on May 29, 2013 · Comments Off on Your Passwords Were Stolen: What’s Your Plan?
Filed under: Development, Security 

If you have been glancing at many news stories this year, you have certainly seen the large number of data breaches that have occurred. Even just today, we are seeing reports that Drupal.org suffered from a breach (https://drupal.org/news/130529SecurityUpdate) that shows unauthorized access to hashed passwords, usernames, and email addresses. Note that this ...

The Watering Hole: Is it Safe to Drink?

Posted by on May 7, 2013 · Comments Off on The Watering Hole: Is it Safe to Drink?
Filed under: Security 

How many times have you been told you have a vulnerability that you just don’t understand  its relevancy?  Cross-Site scripting comes to mind for many people.   Sure, they get the fact that you can execute script in the user’s browser, but often times they really don’t fully understand the impact.  Of course, we determine that ...

Authentication Failure: Bank Transactions in Person

Posted by on May 3, 2013 · Comments Off on Authentication Failure: Bank Transactions in Person
Filed under: Security 

Usually I write about the security flaws that I have seen over the years both as a developer and a security professional.  Recently, however, I was in a situation where I realized after the transaction, that there was no authentication to who I was.  Of course, when we talk about technology, we discuss authentication a ...