A Hidden Insider Threat: Visual Hackers
12/23/2015Ponemon experiment shows how low-tech white-hat hackers, posing as temps, captured information from exposed documents and computer screens in nearly nine out of ten attempts.
Post a Comment
Author
Profile of Mari Frank
Attorney & Privacy Expert News & Commentary Posts: 1Mari Frank, an attorney and certified privacy expert, is the author of the "Identity Theft Survival Kit," "Safe Guard Your Identity," "From Victim to Victor," and "The Guide to Recovering from Identify Theft." Since 2005 she's been the radio host of "Privacy Piracy" a weekly show on KUCI 88.9 FM in Irvine, CA and Kuci.org, dealing with privacy issues in the information age. She consults with companies on privacy issues and mediates privacy disagreements so disputants can resolve their privacy/technology issues privately and confidentially without a court battle.
Articles by Mari Frank
Ponemon experiment shows how low-tech white-hat hackers, posing as temps, captured information from exposed documents and computer screens in nearly nine out of ten attempts.
Post a Comment
White Papers
Video
0 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Are you sure this is how we get our data into the cloud?
Latest Comment: Are you sure this is how we get our data into the cloud?
Current Issue
Flash Poll
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-17368
PUBLISHED: 2018-09-23
PUBLISHED: 2018-09-23
PUBLISHED: 2018-09-23
PUBLISHED: 2018-09-23
PUBLISHED: 2018-09-23
From DHS/US-CERT's National Vulnerability Database CVE-2018-17368
PUBLISHED: 2018-09-23
An issue was discovered in PublicCMS V4.0.180825. For an invalid login attempt, the response length is different depending on whether the username is valid, which makes it easier to conduct brute-force attacks.
CVE-2018-17369PUBLISHED: 2018-09-23
An issue was discovered in springboot_authority through 2017-03-06. There is stored XSS via the admin/role/edit roleKey, name, or description parameter.
CVE-2018-17400PUBLISHED: 2018-09-23
The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by intercepting the user name and PIN during the initial configuration of the application.
CVE-2018-17401PUBLISHED: 2018-09-23
The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by exploiting its Forgot Password feature.
CVE-2018-17402PUBLISHED: 2018-09-23
The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to discover the Credit/Debit card number, expiration date, and CVV number.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This