Facebook’s New Two-Factor Authentication Implementation, by Miguel Brito, SOC Analyst

With all the recent data security breaches in the news, it seems that everyone is finally starting to realize the necessity of two-factor authentication in this day and age. Most recently, the social networking giant Facebook, announced their new implementation of a two-factor authentication method which they have dubbed “log-in approval”. The new implementation comes [...]

Exploits triggered by popular news events, by Rory Smith, SOC Analyst

In the world of computer security, one of the weakest links is the “human factor”.  From the people who design the software to the ones that use it, simple human nature can make a secure system vulnerable. As such, hackers have long since relied on social engineering techniques to gain entry into otherwise secure systems [...]

Google & Facebook implementing two-factor Authentication, by Gabriel Bellas, SOC Analyst

In recent weeks, Google and Facebook users have noticed a sharp rise in their accounts being hacked. Since people keep some very sensitive information in their Gmail accounts, including their contacts, documents, etc, it is very important to make sure these accounts stay secure. To combat this problem, these sites have begun implementing two-factor authentication [...]

Knowing your enemy, inside vs. outside threats, by Joshua Roback, SOC Shift Supervisor

As we move into the future of large-scale data security, fears of external attack look to out-weight insider threats. According to a recent survey by Cyber-Ark, executives believe that protecting IT infrastructure from outside data breach will be a far more pressing task than controlling data access from inside the “trusted” organizational structure. The survey [...]

Rise of Malicious advertisements By Rory Smith, SOC Analyst

It should be no surprise that malicious activity is increasing exponentially; there is always someone in the wild attempting to discover vulnerabilities to exploit. A recent malware update report from Dasient has estimated a 100% increase in malvertising between the third to fourth quarters in 2010, indicating there are 3 million malicious impressions served daily [...]

USB as a Vector of Network Attack By Diego Ramirez, SOC Analyst

Much of the time when we tend to think of exploits we consider the vector of attack being network infiltration. Even Hollywood’s romanticized notion of the hacker shows someone attacking from a dank dark basement using the internet to attack an organization, walking away with precious data. While this is a very real threat, some [...]

How smart is Smartphone security? by Rory Smith, StillSecure SOC Analyst

In today’s fast paced society, the ability to perform tasks on the go is almost as, if not more important than breathing. We use our smart phones to perform banking transactions, check e-mails, browse the internet, socialize with friends and in some technical cases create VPN (Virtual Private Network) tunnels connecting the device as a [...]

Two Factor Authentication exploit by Gabriel Bellas, Still Secure SOC Analyst

Companies utilize two-factor authentication to add an extra layer of security to their systems. This can be in the form of a debit card and pin combination, RSA key, smart card, etc. The idea is that a user needs to have a token, and a password to authenticate. A very popular form of two-factor authentication [...]

Ad Provider Hijackings By Joshua Roback, ProtectPoint SOC Analysts, StillSecure

Among the multitude of malicious activity occurring everyday over the Internet, some argue that nothing is more damaging than when it comes from a “trusted” source. Two of the largest ad networks, DoubleClick and MSN, were recently compromised in a manner that is completely transparent to the everyday user.

McD’s Hacked: Would you like customer data with that Big Mac?

McDonald’s announced in an email to their customers Friday that Arc Worlwide, a marketing services arm of Ad giant Leo Burnett, was hacked and allowed a large amount of McDonald’s customer data to be “obtained by an unauthorized third party.”    According to an article in the Orange County Register: Arc Worldwide, a long-time business partner of McDonald’s, told [...]