Security is only as good as your weakest employee

In a classic case of dumb employee vs smart hacker, was reported by the washington post as having been hacked. It’s database of emails and other personally identifiable data have been compromised. The company released a public mea culpa: “We learned that a employee had been the victim of a phishing scam that […]

Unable to play flash on IE7

The first indication that there was a problem with was when TH reported that he doesnt see any videos on the site. ONly a black spot where the video screen would have been. If you hover your mouse over the spot, it will say that “click to activate…” TH has a Windows Vista machine. […]

How to report a Vulnerability?

Here is an email from one of the mailing list that i subscribe to. It is from Vikas Singhal and in it, he asks this question that I think is also a problem of Technews-ISAW/IHAW members: Hi all, Lets say I found a vulnerability in some company’s website ( e.g SQL Injection ) and that […]

Missing ISAW and DOJ Hacking Case

If technews-isaw were around, the recent ‘incident’ that involved the so called ‘hacking’ of the DOJ (Dept of Justice), Enchanted Kingdom and ITECC among others would have a venue for discussions among security professionals. Alas, with the non-operation of the ISAW site, i have no where else to start a discussion. So I am left […]