Linked: DNA testing firm discloses data breach affecting 2.1 million people
|

Linked: DNA testing firm discloses data breach affecting 2.1 million people

There is an obvious question here, right?

Why do you still have this database sitting around?

Seriously, why? Either you’re telling the truth and you have a vulnerable system sitting out there that you’ve never even used, or you have been using it and you’re lying to save face now that data has been breached. Neither one makes you look particularly good, does it?

Linked: Over 1 million GoDaddy WordPress accounts breached
| |

Linked: Over 1 million GoDaddy WordPress accounts breached

The breach of the WordPress credentials is bad, as is the sFTP credentials. Sure, if you are still using the same WordPress password that GoDaddy assigned to you when you started the account, you really need to step up your game.

WordPress is an inviting target, because getting admin access to a WordPress install, or really any other content management system, makes it super easy to lock out the original owner and inject anything you want into the site. Want a place to spread malware in drive-by injections? Nothing like an already existing, and maybe even trusted, WordPress site, eh?

Linked: Federal Law Won’t Protect Your Organization from Bad User Access Control Practices
|

Linked: Federal Law Won’t Protect Your Organization from Bad User Access Control Practices

If you’ve seen references to a court ruling sort of redefining the Computer Fraud and Abuse Act recently, or even if you haven’t, this paragraph from the folks at McGuire Woods boils down the real life implications pretty well.

Linked: This World Password Day Diligently Review your Passwords
|

Linked: This World Password Day Diligently Review your Passwords

I’m a day late on this, but didn’t want to let it go without mentioning the day, and the importance of better password management. Several times people choose easy-to-remember passwords rather than focusing on security. With the rising concerns over data breaches and troves of usernames and passwords being dumped on the dark web every…

Linked: You’re very easy to track down, even when your data has been anonymized
|

Linked: You’re very easy to track down, even when your data has been anonymized

It’s easy to point at the Facebook or Google’s of the world, and blame them for violating our privacy when they’ve been tracking our personal information all over the web, but it’s not just them. It’s also all the organizations that promised us the data they were tracking was “safe” because it’s all aggregated and…

The Poynter Institute Tried to Take On Fake News, Learned It’s Not So Easy

The Poynter Institute Tried to Take On Fake News, Learned It’s Not So Easy

I found this story a little late, but I find it to be illustrative of the whole difficulty with trying to fight what has become known as “fake news”. This was the attempt: On Tuesday, April 30, Poynter posted a list of 515 “unreliable” news websites, built from pre-existing databases compiled by journalists, fact-checkers and…