CBS Sports App, Mobile Site Left Millions of Users’ Personal Data Exposed
CBS recently fixed a vulnerability in its popular Sports application that could have exposed users to man-in-the-middle attacks and inadvertently leaked personal data. According to researchers, upon registration, users’ names, email addresses, account passwords, dates of birth, and zip codes were all sent over an unencrypted connection, in cleartext, to the [...]
FBI Cyber Warning: Ignore Your CEO’s E-Mail And Phone Her Back — Or Your Company May Pay For It
The FBI is warning people about a business email scheme which has resulted in huge losses to companies in Phoenix and other U.S. cities. Here’s how the scam works: A CEO seemingly emails an employee — typically in a finance or administrative role — instructing them to perform a wire [...]
What is two factor authentication?
You may have heard the term ‘two-factor’ or ‘multi-factor’ authentication. If you haven’t heard of these terms, chances are you’ve experienced this and not even known it. The interesting thing is that two factor authentication is one of the best ways to protect your accounts from being hacked. So what [...]
PwC Report Shows Cybercrime in the UK is Growing Rapidly
In the latest edition of their Global Economic Crime Survey, PricewaterhouseCoopers have announced a finding of a 20% increase in cybercrime, making it the fastest growing category of economic crime. The UK seems to be the most severely affected, with 55% of organisations being affected by some type of cybercrime, [...]
Six Best Practices for Security Testing in the SDLC
Even if an application has been built following security and defensive coding best practices, it will still require significant testing before it's ready for release. Whether this is routine testing for common vulnerabilities or security-focused penetration testing to pick up on the types of problems that often slip through the [...]