Advanced Penetration Testing -Week-11 Advanced Penetration Testing -Week-12
Reader Interactions
Comments
Leave a Reply
You must be logged in to post a comment.
MIS 5212-Advanced Penetration Testing
MIS 5212 - Section 001 - Wade Mackey
MIS 5212-Advanced Penetration Testing
MIS 5212 - Section 001 - Wade Mackey
I often wonder how many companies could have avoided major security breaches if their companies did annual pen testing against their environment? I just found out that one of my favorite department stores had a security breach and they will not be held responsible if fraud activities were to appear on any of their customers accounts.
https://www.saksfifthavenue.com/include/aem/aem_static.jsp?page=security-information-notice&site_refer=EML
Tech industry completes its standards for banishing passwords
https://www.engadget.com/2014/12/09/fido-alliance-publishes-specs/
The FIDO Alliance (Google, Microsoft, PayPal, and others) have just published
a ‘password free’ standard that works with both single and two-factor authentication
and relies on the use of sign-in methods other than passwords, (e.g., some fingerprint
readers, USB dongles, etc.). It may take some time before it becomes accepted as a
practical alternative to using passwords because it doesn’t support existing authentication
mechanisms like Apple’s Touch ID fingerprint system or Bluetooth.
https://www.silicon.co.uk/security/cyberwar/delta-breach-customer-payment-details-231045
Another big data leak, this time from Delta. How are the security teams not scrambling at these orgs to find vulnerabilities and fix/patch them? It’s getting to the point where we as consumers don’t really have a choice when using some of these services, and yet we are the losers when companies are irresponsible.