Tag: security
-
Large security breach involving fast food outlets and banks in SA
A variant of the Dexter malware has apparently been running on POS systems unchecked for quite a while. All of SA’s banks have been hard hit by the losses incurred as a result of arguably one of the largest security breaches in SA history. More info here: http://www.techcentral.co.za/sa-banks-in-massive-data-breach/44338/
-
Personal security, Digital Security and Identity Theft
We live our lives in an always-on digital world these days. Medical, banking, shopping, services, mobile, multimedia – all of these are engaged with and executed on-line. Along with this comes a whole host of threats including viruses, malware, phishing, pharming, advanced persistent threats and more. Not only do we have to deal with threats from the…
-
The cloud and security
Moving your applications and data into the cloud presents a paradox when talking about security. A recent Thales survey found that over 60% of respondents thought that the cloud provider was responsible for protecting their sensitive and/or confidential data. And over 50% said they didn’t know what their cloud provider does to protect their data.…
-
10 Immutable laws of security administration
Law #1: Nobody believes anything bad can happen to them, until it does
Law #2: Security only works if the secure way also happens to be the easy way
Law #3: If you don’t keep up with security fixes, your network won’t be yours for long
Law #4: It doesn’t do much good to install…
-
WordPress 3.5.2 updates security
For those using WordPress, you’ll be happy to know that version 3.5.2 has just been released with a number of fixes including SSRF ( server-side request forgery ) attacks, a number of components updated to fix XSS ( cross-site scripting ) holes and DoS ( denial of service ) attacks on WordPress’ post password protection…
-
LinkedIn security issues with DNS redirection
Starting yesterday, LinkedIn went offline for a period of time due to a DNS redirection problem. Essentially when going to the www.linkedin.com site, one would in actual fact be visiting an alternate site that was not actually LinkedIn. This issue is generally known as DNS Hijacking. Data that may have been compromised due to users…
-
SARS e@syFile issues
e@syFile is SARS’ client tool to manage your taxes and payroll components. It can work in an off-line mode, but allows you to connect via the Internet to SARS once you are ready to submit documents. With regards to usability, the tool is pretty poor. Having followed the process myself for PAYE Reconciliation, I can…
-
ADSL Router Security in the crosshairs
It’s long been a bugbear of mine when ADSL modems are used at the perimeter of networks as the security device/firewall. Including the fact that many of these units are made to the lowest cost possible and have many vulnerabilities, they are wholly unsuited to the task of providing decent security. That’s why I always…
-
A little hackathon
I recently decided to move my Joomla installation from v1.5 to 2.5, a not-inconsiderable task considering that there is no direct upgrade from 1.5. It took some time to get the Jupgrade free tool working but finally I got all my content moved across. Of course, 1.5 templates are not compatible and so started a…
-
Who is looking at who
Analysis of website usage is a huge part of understanding how to improve websites, how to give visitors a better surfing experience and how to maximise the time a visitor spends on a site ( potentially purchasing items while they are there ). SEO, or search engine optimisation, goes hand in hand with site analysis…
-
Apples can get viruses
After years of deceiving its clients, Apple has finally admitted that its products can get viruses, something most of us have known all along. The Mac maker changed the wording on its “Why you’ll love a Mac” page from stating “It doesn’t get PC viruses” to “It’s built to be safe”. The same page also…
-
A week of hacks
This week has been one massive hack; 1st LinkedIn, then eHarmony and now Last.fm. What is especially galling is that none of these companies salt their stored passwords – considering that unsalted password hashes are easily deciphered with the massive computing power available to anyone these days, this is a huge faux pas. “Salting stored…
-
Digital rights and your personal freedom
“We live in a democracy. Or so they told us.” If you take a look at democracies around the world today, you’ll find governments that behave in a completely undemocratic way. One just has to look at the lengths the US has gone to, in undermining the Bill of Rights in the pursuit of terrorism…
-
It’s phishing and pharming XMas time again!
Scammers and authors of malicious software will take any opportunity to trick users into doing something they shouldn’t – holidays are a favourite time for the scammer. At Xmas, we all have that warm and fuzzy feeling. But so do the scammers and they prey on a softening of attitudes towards security at this time…
-
Internet Explorer the safest browser – yeah right!
Microsoft has always bigged up their products using whatever mechanisms they can, including paid-for campaigns/ads and sometimes outright lying. The latest statement that IE is the most secure browser ( according to their yourbrowsermatters website ) fits into this latter category. One has to wonder how Microsoft comes about the scores provided on the site.…