Blog: Security Breaches

Security Breaches Facebook Access Tokens Were An AppSec Issue That Tools Won’t Catch Read More
October 3, 2018 -

Yesterday I was doing training for a team of architects, project managers and developers at a client and I realized that a deeper discussion of the issue at Facebook might be instructive. In looking at the issue in more detail, I came to understand that it makes a perfect learning example for why application security […]

Read More
Security Breaches Popular Media Coverage of Software and Formal Methods Read More
October 15, 2017 -

It is interesting … in the wake of Equifax and other recent news, The Atlantic has published several articles about software: Saving the World From Code The Banality of the Equifax Breach I say it is interesting because I am completely torn about both of them.  On the one hand, they are correct.  The Equifax […]

Read More
Equifax: What’s the Score Read More
September 18, 2017 -

Introduction Late last week (around 9/15/2017) it was reported that the CIO and CSO at Equifax “resigned”.  Equifax stock is down by around 30%.  The FTC is launching an investigation and findings and settlements are likely to be in the $100’s of millions or more.  Clearly there are going to be short and medium term impact […]

Read More
Security Breaches Mitigating the Vulnerability Widely Thought to Have Caused the Equifax Breach Read More
September 12, 2017 -

The recent Equifax data breach may have exposed Personally Identifiable Information (PII) on over 143 millions Americans. It appears that this breach was caused by a Struts vulnerability – which allows a remote user to run code on a site. This vulnerability would be categorized under #9 of the OWASP Top 10 list of the Most Critical […]

Read More
© 2019-2022 Jemurai. All rights reserved.
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram