Hackers Hijack Popular Chrome Extension to Inject Code into Web Developers’ Browsers
“Web Developer” is a popular extension that adds various web developer tools to a variety of browsers. Unfortunately, the fact that the Chrome edition of the Web Developer extension has over one million users has also made its author – San Francisco-based Chris Pederick – a target for attack. Yesterday, Pederick had some bad news for his […]
Does Your Website Really Need SSL?
To give you a little back story, in 2014, Google announced a call for HTTPS to be used by every website on the web. Google has three main reasons for this that all come back to the desire to create a more secure internet, but before we get to those three reasons, you may be […]
For Your Eyes Only: Why Data Masking Needs to Be in Every Data Security Strategy
Data security is rife with complexities. The threats against an organization’s data are massive and ever-evolving, and the consequences of a breach are devastating, sometimes crippling, for a business, so it’s unsurprising that there are dozens if not hundreds of factors to be taken into consideration when it comes to securing databases. That’s why it’s […]
How a Single Email Stole $1.9 Million from Southern Oregon University
Southern Oregon University has announced that it is the latest organization to fall victim to a business email compromise (BEC) attack after fraudsters tricked the educational establishment into transferring money into a bank account under their control. According to media reports, the university fell for the scam in late April when it wired $1.9 million […]
5 Tips to Maximize Your IT Security Training
Quality security training is a costly investment. Multiple-day training sessions are usually required for significant learning topics and are almost exclusively fee-based. And the fees are not the only investment. Key staff must be taken out of the field to attend the course, resulting in opportunity costs and lost work hours. But our adversaries are […]