* Anthem, the second largest healthcare company, had a major breach
* They lost around 80 million socials, addresses, emails, etc., which is roughly double the Target breach
* There’s speculation that it was China, trying to penetrate government, but it’s early
* Watch for phishing scams related to it
* The megabreaches continue…weee!
* A WordPress plugin called FancyBox had a serious compromise in it last week, which affected thousands of websites
* If you’re going to run WordPress, understand that Plugins are the best way to get yourself hacked
* Specifically, the type of plugins that handle user input and do something with it that affects the site’s output
* Image manipulation plugins have been particularly vulnerable, usually to XSS
* There was another critical Flash vulnerability this week
* Like I said last week, and the week before, there’s a first time for everything
* Three bug hunters at HP received the $125,000 prize for finding a major vulnerability in Internet Explorer
* Because they work for HP they couldn’t take the cash, and instead donated it to charity
* Microsoft released Outlook for iOS last week, which looks pretty slick
* Unfortunately it is riddled with security flaws
* Recommendation: wait for a few updates, and for them to get a security assessment
Become a Member: https://danielmiessler.com/upgrade
See omnystudio.com/listener for privacy information.