XSS Vulnerabilities Found In Tinder

Secunia Vulnerability

Researchers at vpnMentor were analysing Tinder and other dating applications when they discovered a Tinder domain, go.tinder.com, that had multiple XSS vulnerabilities. According to vpnMentor, the flaws could have been exploited to access Tinder users’ profiles. Following vpnMentor’s research please see below for commentary and insight from Rusty Carter, VP of Product Management at Arxan. Rusty […]

Looming PHP Expiration Deadline

Websites are facing a PHP deadline coming up in 10 weeks. The Popular PHP 05.x will stop security updates by the end of the year and currently 62% of all Internet sites are running on it. PHP is a general-purpose scripting language that runs on a web server. PHP is used mostly to create dynamic web […]

Number Of People Searching Cyber Security Recruitment Increases 93%

Cybersecurity

It has been revealed that there has been a 93% increase in the number of people searching for cyber security recruitment and related terms in Google, according to the latest figures by technology recruitment company Finlay James. The news comes after the ISC anticipated a worldwide shortage of 1.8 million cyber security professionals by 2022 but the lack of skills to tackle […]

IoT Code Of Conduct

With today’s IoT Code of Practice from the Department for Digital, Culture, Media and Sport (DCMS) and the National Cyber Security Centre (NCSC), wanted to share insight from Canonical – the company behind Ubuntu – around the need to instil a culture and OS rooted in security. Below Jamie Bennett, VP of IoT and Devices at Canonical commented, focused […]

Pentagon Data Breach Of 30,000 Personnel’s Credit Card Data

CNBC is reporting today that the Pentagon disclosed a cyber breach of Defense Department travel records that compromised the personal information and credit card data of up to 30,000 U.S. military and civilian personnel. IT security experts commented below. Pravin Kothari, CEO at CipherCloud: “In context, this breach at DOD is potentially part of a much […]

UK Govt Code Of Practice For IoT

Following the news that a recent investigation has revealed that Ministry of Defence secrets were exposed in dozens of breaches of military cyber security policy last year, IT security experts commented below. Edgard Capdevielle, CEO at Nozomi Networks: “Due to the criticality of their services, government networks have become a key target for cyber criminals […]

MoD Secrets Exposed In Data Breaches

data_Breach

Following the news that a recent investigation has revealed that Ministry of Defence secrets were exposed in dozens of breaches of military cyber security policy last year, Edgard Capdevielle, CEO of Nozomi Networks commented below. Edgard Capdevielle, CEO at Nozomi Networks: “Due to the criticality of their services, government networks have become a key target […]

Identity Authentication Caveats

Caveats about ‘Password’ Sometimes the word ‘Password’ is narrowly interpreted as ‘remembered text password’ and sometimes it’s taken broadly as ‘whatever we remember for authentication’. We are of the view that it would be desirable to define ‘Password’ broadly enough. As a denotational definition, it could be ‘Whatever we remember and recall volitionally for identity […]