Chick-fil-A Breach: Avoiding 5 Common Security Mistakes
1/9/2015On the surface these suggestions may seem simplistic. But almost every major retail breach in the last 12 months failed to incorporate at least one of them.
Post a Comment
Author
Profile of Kevin Watson
CEO, VendorSafe Member Since: 1/5/2015Author
News & Commentary Posts: 1
Comments: 0
Kevin Watson joined VendorSafe as CEO in November 2014, bringing considerable experience in data security, managed technology services and high-growth technology companies. VendorSafe specializes in providing state-of-the-art-data cloud-based firewall solutions tailored for retailers, franchises and quick serve restaurants and has been a leader in the field for more than seven years. From 1998-2014, Kevin was co-founder and managing director of C/max Capital where he led the firm's investments in About.com (taken public then sold to Primedia), Adjoined Consulting (sold to Kanbay), Verid (sold to EMC), Concordia (sold to Kadmon) and KMC Software. Kevin received a Bachelor of Science in engineering from Cornell University.
Articles by Kevin Watson
On the surface these suggestions may seem simplistic. But almost every major retail breach in the last 12 months failed to incorporate at least one of them.
Post a Comment
White Papers
Video
0 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Are you sure this is how we get our data into the cloud?
Latest Comment: Are you sure this is how we get our data into the cloud?
Current Issue
Flash Poll
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-17368
PUBLISHED: 2018-09-23
PUBLISHED: 2018-09-23
PUBLISHED: 2018-09-23
PUBLISHED: 2018-09-23
PUBLISHED: 2018-09-23
From DHS/US-CERT's National Vulnerability Database CVE-2018-17368
PUBLISHED: 2018-09-23
An issue was discovered in PublicCMS V4.0.180825. For an invalid login attempt, the response length is different depending on whether the username is valid, which makes it easier to conduct brute-force attacks.
CVE-2018-17369PUBLISHED: 2018-09-23
An issue was discovered in springboot_authority through 2017-03-06. There is stored XSS via the admin/role/edit roleKey, name, or description parameter.
CVE-2018-17400PUBLISHED: 2018-09-23
The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by intercepting the user name and PIN during the initial configuration of the application.
CVE-2018-17401PUBLISHED: 2018-09-23
The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by exploiting its Forgot Password feature.
CVE-2018-17402PUBLISHED: 2018-09-23
The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to discover the Credit/Debit card number, expiration date, and CVV number.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This