First up, I've got a great story from the always wonderful Wired, about just how ubiquitous being attacked really is these days: Everyone Has Been Hacked. Now What? is a quick 3 page read that outlines several of the more widely known breaches of the last few years, along with some pretty terrifying statistics. The article states that the average attack on a company goes on for more than a year before it's even discovered, which is actually a step up from the past where attackers could be squatting for multiple years before being found out. With attacking becoming so commonplace, what tactics are you planning on adopting this year to best prepare yourself for the ongoing risks of doing business online?
Next, we've got one of my favorite pieces of social media seemingly having a bad start to their week: Thousands of Twitter passwords exposed. With 59,000+ usernames and passwords leaked this week, it looked like a pretty significant breach of Twitter's data, and sent more than a few prodigious tweeters off to Airdemon to see if they were going to be affected. What a difference a few hours makes in investigation though, as Twitter was quick to point out that the supposed breach, was in fact more of a hoax: Twitter Downplays Breach That Exposed Passwords. With over half of the data coming from blocked or spam accounts, and many of the usernames and passwords not actually linked to each other, it looks like this data was compiled from various sources and that Twitter itself was not in fact compromised. No Fail Whale here after all!
Then there's the story of the FBI's warning to people accessing wireless networks while traveling: FBI: Beware of software updates on hotel connections. You're about to leave your hotel in downtown NYC for your business meeting, and you're pulling together a few last minute tweaks to your presentation deck. Suddenly a pop up window notifies you that a "widely used software product," needs to be updated. You click, and unwittingly install malware on your machine. Pretty genius attack if you ask me. I'm curious if any of my Monkey Minions know what "product" they're referencing in the article. Drop me a line, if you think you know, and make sure to run all your updates before you hit the road!
Here's a few more bits the Pips thought were good reads this week:
NBC Chicago : Why You Shouldn't "Unsubscribe" From Spam (this is my favorite story this week.)
My last item is a picture that keeps showing up in the feed, that really is a perfect example of horrible network security. I'm sure that ESPN has some difficulty with the huge number of reporters they have to deal with on a regular basis, so posting the wireless password information on the wall might make keep an overworked IT professional sane. Perhaps they've completely segmented that particular wireless connection from the rest of their network, so it really is a secure time saver? You'd think that they'd still manage to not stand directly in front of it during a broadcast. I'm sure a large number of network security engineer/baseball fans facepalmed very hard at that moment.
That wraps up the monkey-business this week. As always, drop me a line or feel free to comment below, and we'll see you next week.