Your Passwords Were Stolen: What’s Your Plan?
Filed under: Development, Security
If you have been glancing at many news stories this year, you have certainly seen the large number of data breaches that have occurred. Even just today, we are seeing reports that Drupal.org suffered from a breach (https://drupal.org/news/130529SecurityUpdate) that shows unauthorized access to hashed passwords, usernames, and email addresses. Note that this ...
The Watering Hole: Is it Safe to Drink?
Filed under: Security
How many times have you been told you have a vulnerability that you just don’t understand its relevancy? Cross-Site scripting comes to mind for many people. Sure, they get the fact that you can execute script in the user’s browser, but often times they really don’t fully understand the impact. Of course, we determine that ...
Authentication Failure: Bank Transactions in Person
Filed under: Security
Usually I write about the security flaws that I have seen over the years both as a developer and a security professional. Recently, however, I was in a situation where I realized after the transaction, that there was no authentication to who I was. Of course, when we talk about technology, we discuss authentication a ...