SonyPictures Site Compromised
We have written diaries on Sony’s security woes over the past few months, first one was a DDoS against its infrastructure [1] followed by the hacking of the Sony PlayStation network that took their network offline for several weeks, affecting all its PlayStation customers [2]. This week, SonyPictures was compromised by a group of individuals calling themselves LulzSec who took over 1,000,000 unencrypted plaintext customer password. Last week, another attack took place, this time against Sony Music Entertainment Greece website [3] who took usernames, passwords, email addresses and phone numbers.
One question comes to mind. With all of this data lost, if a PCI compliant corporation can be this easily targeted and compromised, is PCI a good standard to measure security posture?
[1] http://isc.sans.org/diary.html?storyid=10654
[2] http://isc.sans.org/diary.html?storyid=10768
[3] http://mashable.com/2011/05/24/sony-hacker-attack
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu
Oracle Java SE Critical Patch Update Pre-Release Announcement - June 2011
Next Tuesday, Oracle is planning to release a Java SE Critical Patch Update that will contain 17 new security fixes which may be remotely exploitable without authentication. "Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible." [1]
[1] http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu
Release of Wireshark 1.6.0rc2
This is the second release candidate of the upcoming 1.6 (stable) branch. This new branch contains several new enhancements and bug fixes. For example, support for files greater than 2 GB, it can export SSL session keys, it can export SMB objects, graphs now save as PNG images by default to name a few. It also supports a large number of new protocols. This update can be downloaded here.
[1] http://www.wireshark.org/lists/wireshark-announce/201106/msg00000.html
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu
Comments
www
Nov 17th 2022
6 months ago
EEW
Nov 17th 2022
6 months ago
qwq
Nov 17th 2022
6 months ago
mashood
Nov 17th 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
5 months ago
isc.sans.edu
Dec 3rd 2022
5 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
isc.sans.edu
Dec 26th 2022
5 months ago
isc.sans.edu
Dec 26th 2022
5 months ago