URL Shortening: A Hacker’s Delight, by Joshua Roback, SOC Supervisor

The social media revolution has created a new market for URL shortening services, such as tinyurl.com and bit.ly.  These services take a URL such as http://www.thesecuritysamurai.com/2011/06/23/the-corporate-security-halftime-report-corporations-0-hackers-over-9000-by-rory-smith-soc-analyst/ and create a redirect site at tinyurl.com/<random string of characters> such as tinyurl.com/6b3bktp.  This is particularly useful when linking to articles or media with long URLs such as the [...]

“Cookiejacking” IE vulnerability, by Gabriel Bellas, SOC Analyst

Just recently, we learned that an Italian IT professional by the name of Rosario Valotta discovered a vulnerability that affects every version of Microsoft’s Internet Explorer web browser. The vulnerability allows a malicious user to steal cookies from a user’s web browser. Once stolen, the sky’s the limit with what can be done [...]

Facebook’s New Two-Factor Authentication Implementation, by Miguel Brito, SOC Analyst

With all the recent data security breaches in the news, it seems that everyone is finally starting to realize the necessity of two-factor authentication in this day and age. Most recently, the social networking giant Facebook announced its new implementation of a two-factor authentication method, which it has dubbed “log-in approval”. The new implementation comes [...]