Monday, July 23, 2012

Voices against Yahoo! highlights the fundamental security failings

The quota is the quota AppId AppId
Security experts say that more than 453,000 violations Yahoo and other companies to publish details of the entry of customers under common enterprise is highlighted security failures.


Hacking group, D33Ds company known as, he posted details of the vulnerability exposed files had to.

"We hope that all parties responsible for the domain's security as a call-up and will be taken as a threat," D33Ds company says hackers.


Yahoo Yahoo has confirmed that this type of network, the Associated Content, Yahoo and other companies for a system containing a file name and password was compromised, but claimed that Less than 5% account password was still valid.


Sharing Voices Yahoo launched an online request for information. Associated with this material was developed and later acquired by Yahoo's.


Rob Rachwald, security firm Imperva said the director of security strategy highlights that violates the basic conservation measures how enterprises continue to ignore.


The third-party applications with the security challenges and highlights.


Rachwald said, "It's an impressive third parties need to secure development lifecycle is challenging. So, you put them behind a web application firewall is needed."





,, A secure cloud hosting company, FireHost senior security engineer Chris Hinkley said that SQL injection attacks exploit weaknesses in infrastructures IT hackers seeking to become the method of choice.


In a blog post, Rachwald wrote: "To add insult to injury, the password stored in clear text and hashed (encoded), it did not feel that the recent changes would encourage LinkedIn violation, but Not only will this episode.'s. hackers around the world excited, "Rachwald wrote in a blog post.


Hinkley said: "One of the most disturbing trends we are seeing the last few high-profile breaches, that organizations take reasonable steps to protect user information."


, address, phone number were also able to view, study details and date of birth.


needs.


He said no excuses for encryption of all sensitive information has long run out and data protection organizations or risk losing the trust of our customers need to follow the basic principles, "he said.


is never completely.


to eliminate the exploitation of reserves, "he said.


, Paul Ayers, vice president of European private investment firm Vormetric said the violation could potentially broad implications.


According to Ayers, an organization's starting point is not "if" it is hacked, but "when".


"Finally, a defensive perimeter around a network focused on being the bad guys do not take no more," Ayers said.


Ayers said database servers and Enterprise Information such as the crown jewels on hold, and organizations, the server's security and access control data to ensure needs.


I do, rest assured that the information can save lives.

No comments:

Post a Comment