Thanks to Yasser Ali, an Egyptian cybersecurity researcher, your PayPal account is currently safe. Ali discovered a critical vulnerability that would allow attackers access to PayPal user accounts using cross-site request forgery. PayPal’s bug-bounty program rewarded Ali with $10,000 as a token of thanks. For the full story on this discovery, click here:: All PayPal accounts were 1 click away from hijacking
Identity Theft Protection
Identity Theft Protection Articles, Tips and Services
If one data backup, replication, archival, and recovery provider is good then have a second or even a third one should be even better, right? Well, according to new data from EMC, having more than one integrated data protection program actually increases the chance of data loss and unscheduled downtime! Learn more about these findings here:: Too Many Data Protection Vendors Means More Data Loss, Downtime
Too many cyber crooks have embarrassed major companies and businesses by breaching into their data over the past year. Many cite the problem being that those companies didn’t use proper data loss software to prevent the hackers from taking data. Others believe the bigger issue is that companies don’t manage their data efficiently, exposing sensitive info to cybercrooks that the companies don’t even need.
The solution isn’t focusing on one or the other, since both need to be addressed. Data Loss Prevention software must be updated regularly, along with having the company’s IT staff consistently read up on newer software and steps to help keep their data in-house. The other issue is for companies to safeguard and note who has access to specific data in order to have a trail set in place in case there is a breach. They also should delete data that is no longer necessary in order to have less information that it needs to protect. Having such plans in place can save time, money, and headaches in the future. For more on this perspective, click here:: Data Management Vs. Data Loss Prevention: Vive La Difference!
With so much money spent on cybersecurity and other methods to prevent identity and credit card theft, it is clear that hackers are getting smarter and faster. However, while it is important to stay one step ahead of them in terms of software, many effective methods of protection remain unchanged. The basics of identity theft protection online and off still apply in 2014.
Regularly checking your credit report allows you to see if there is anyone other than yourself using your social security number. Keeping your credit card covered when shopping and regularly changing your card passwords keeps your credit protected offline. Online, only shop at verified, trusted retailers and log out when you have finished. These steps seem small and simple, yet prevent giant headaches later on. For more on this topic, please click here:: Vigilence is key to thwart ID theft
Recent events have revealed that cryptographic keys and digital certificates aren’t being used in an effective way. First, there was the DarkHotel campaign that targeted several traveling executives by taking advantage of misused digital certificates. Then the WireLurker malware Trojan allowed hackers to upload software onto iOS devices using compromised keys and certificates. This has to stop.
The infosec industry needs to wake up. Millions have been spent on keys and certificates to protect networks, data, and apps from being compromised, yet hackers already know how to get around them. The trust on digital systems for banking, mobile apps, and businesses is based on these certificates and keys, so change is needed in order to maintain that trust. For a full article on this topic, click here:: The Week When Attacks Started Winning the War On Trust