Twitter said that it was hacked again on Friday, 2/1/13, and attackers gained access to 250,000 accounts and passwords.
Twitter says the passwords were encrypted, the intrusion was limited, and and everyone’s taxes are going down soon (okay, I was kidding about the last one). It’s always hard to sort out what is true and how much of the truth is told, so regardless of what Twitter says, change your password.
We all know that LinkedIn was hacked and lost at least 6.5 million hashed passwords, or at least that’s how many were was posted. Besides changing passwords, is anyone thinking about their LinkedIn lock-down/security settings? What about other social media? See further below instructions for locking down LinkedIn, Facebook, Twitter, and Google+.
On 4/13/11, WordPress announced it suffered a root-level hack of their servers and that “anything on those servers could have been revealed.”
Nothing is said about WHEN the hack occurred. From experience, I can tell you that you generally don’t announce a security incident until you’ve investigated it thoroughly, and that can take at least a day, sometimes more, depending on whether you have experts in-house or can get them in a hurry.
This attack directly affects only blogs or accounts hosted by WordPress (in other words, your blog URL ends with “wordpress.com”. If you host your own WordPress blog, you are indirectly affected. How? Since WordPress source code may have been compromised, attackers may be combing through it to find vulnerabilities that will allow them to attack any blog running WordPress, regardless of where it’s hosted.
If you have a blog or account that is hosted at wordpress.com, at least do the following immediately:
You might remember the commercial that said, “This isn’t your father’s Oldsmobile,” meaning this car is nothing like the one your father drives. It’s faster, more luxurious, more YOU.
Have you noticed that the opposite is true regarding the hype over social networking and the risk it brings to your business and a computer near you? In other words, to quote an old king, “There is nothing new under the sun.”
Filed under Security
Thanks to TycoonBlogger (my favorite “blogging” blogger), I finally know what this blog is about.
Based on his Find out your blog’s personality type post, I found and ran the Typealyzer tool against my blog. It analyzes a blog and provides its Myers- Briggs Type. Here’s what it said about this blog:
The analysis indicates that the author of https://itauditsecurity.wordpress.com/ is of the type:
Filed under Blogging, Humor/Irony
On Facebook, you can share your pictures; on LinkedIn, you can share your resume; on Twitter, you can share what you had for second breakfast.
On Blippy, you can share your credit card purchases!
Filed under Security
You can find me on Twitter.
I’m not a social Tweeter (i.e., I don’t describe what I ate for second breakfast), so I won’t litter your page with junk.
For the most part, I retweet what I consider good IT, audit, or security topics (surprise!), tweet my blog posts (NOT ANY MORE), and occasionally tweet something of original interest.
Sorry, but I don’t generally “return follow.”
When I joined LinkedIn, it was because it was BUSINESS-like and so un-Facebook. As much as I like LinkedIn, it is becoming too much like Twitter and Facebook. Or perhaps it is more accurate to say that LinkedIn features are being used in the same casual manner.
Filed under Security
ITauditSecurity 