Communications | Posted 28 Oct 2015 | Comments Off on Bleep User Privacy Compromised? | 1,561 views

Bleep, the private messaging app billed as no personal info required, has laid the foundation for tracking its users. The latest version in the Play store (version¬†1.0.753) requires Identity and Profile privileges on Android phones. When a user …

Data Management, In Other News | Posted 12 Jan 2015 | Comments Off on Obama Proposes 30 Day Hack Notification | 2,224 views
Secure Data

President Obama is pushing new legislation called the Personal Data Notification and Protection Act. This law, if enacted, will standardize the consumer notification requirements in the event of data breach. Under the law, companies would be required to notify …

Defense In Depth | Posted 11 Jan 2015 | Comments Off on Microsoft Limits Advanced Notifications | 2,236 views
Microsoft Windows Logo

According to a recent blog post, Microsoft will be limiting access to its Advanced Notification Service. ANS provides customers with a heads up of the upcoming patches, which allows them to schedule changes and maintenance windows. Chris Betz wrote …

In Other News | Posted 6 Jan 2015 | Comments Off on Moonpig API Exposes Customer Info | 8,886 views

Security researcher Paul Price discovered a flaw in the API used by UK greeting card company Moonpig. Their API does not require authentication and exposes customer account details.¬† He notified them of his findings in August 2013. After 17 months, …

Communications | Posted 5 Jan 2015 | Comments Off on Gogo Caught Forging SSL Certificates | 1,968 views

Inflight internet connectivity provider Gogo has been caught forging SSL certificates and serving them to their customers. Flyer Adrienne Porter Felt tweeted a screenshot of the a forgery for Google. Her tweet: hey @Gogo, why are you issuing *.google.com certificates

In Other News | Posted 4 Jan 2015 | Comments Off on Clock Runs Out on Microsoft Zero Day | 2,349 views

Microsoft failed to patch a zero day exploit before the automatic 90 day clock ran out. A research submitted a privilege escalation vulnerability in Windows 8.1 to Google’s Project Zero. The bug allows a local user to trick a …

Communications | Posted 30 Dec 2014 | Comments Off on How secure is your wearable? | 1,964 views

We know that common passwords are relatively easy to brute force. Now imagine that you are forced to use a 6 digit number for your password. How long would it take someone to get your password?

Security company Bitdefender has …

Defense In Depth | Posted 28 Dec 2014 | Comments Off on Ready for PCI DSS 3.0? | 1,653 views

Credit card data breaches are be becoming more prevalent in the news. Breaches result in lost time, money, and reputation for everyone except the hacker. Vigilance is critical.

Vendors have until January 1st to be compliant with the latest PCI …