354 Lotus blogs updated hourly. Who will post next? Home | Downloads | Events | Pods | Blogs | Search | myPL | About 
 
Latest 7 Posts
How to Mend a Broken Heart: The Heartbleed Bug and what you need to know to protect yourself
Fri, Apr 11th 2014 119
Are You Only a Hacktivists Away from Chaos?
Wed, Apr 2nd 2014 73
Ransomed Beauty: Is Your Identity Being Held for Ransom?
Thu, Mar 27th 2014 58
Two More Colleges Exposed: Indiana University and North Dakota University
Fri, Mar 7th 2014 137
Price vs Cost: One Man’s Opinion
Mon, Mar 3rd 2014 163
Hackstorm
Wed, Feb 26th 2014 166
Data Breach on Campus: Over 300,000 Exposed at University of Maryland
Fri, Feb 21st 2014 177
Top 10
World’s Largest Beverage Company Compromised
Thu, Jan 30th 2014 333
Knock Down the Barriers: What Does Two-factor Authentication Solution Need to Have?
Tue, Mar 26th 2013 280
Data Breach on Campus: Over 300,000 Exposed at University of Maryland
Fri, Feb 21st 2014 177
Hacking Your Way to Love
Thu, Jan 23rd 2014 174
Bugged- A Glitch in Google Voice Recognition
Fri, Jan 31st 2014 168
Hackstorm
Wed, Feb 26th 2014 166
Price vs Cost: One Man’s Opinion
Mon, Mar 3rd 2014 163
To E-File or Not to E-File
Mon, Feb 10th 2014 160
The N.S.A. Gets Crafty
Thu, Jan 16th 2014 153
Identifying Authentication Challenges in Education: A look within our clients
Wed, Jan 22nd 2014 151


Email Provider: Not as Secure as You’d Think
Chief Content Writer    

an interesting situation with an email provider and the issues they are facing with the hijacking of customer mailboxes:

“I am sorry to hear that you were experiencing issues with email latency. We are working on making changes to resolve the issues with latency. In the meantime you may see peaks of latency. We are monitoring the servers and will clear blocked queues as they arise. These traffic jams are caused by hackers hijacking our customers mailboxes that have weak passwords. We have setup automatic suspensions to stop these mailboxes faster. We are recommending to all of our customers to make passwords as secure as possible to help prevent this issue.”

With the negative effects on their customers you have to wonder if they are supporting encrypted communications to their POP3 and SMTP servers. It seems with this provider they were still using clear-text ports 110 and 25 respectively. What they think is protecting their servers are strong passwords…but what good is a “strong password” if it’s being sent to their mail servers in the clear? When checking their password complexity rules:

“Passwords  must be 8-14 characters, with at least one letter, plus one number or special character [!@#$%^&*]”

It is amazing to think that a password such as “Password1″ would be enough to be considered strong. With email being a very weak link in many organizations it is alarming to see that this is considered secure. Many providers are operating with a false sense of security which is not disclosed to their customers. What is your email provider using?



---------------------
http://blog.pistolstar.us/blog/email-provider-not-as-secure-as-youd-think/
Dec 13, 2012
64 hits



Recent Blog Posts
119


How to Mend a Broken Heart: The Heartbleed Bug and what you need to know to protect yourself
Fri, Apr 11th 2014 9:12a   Rob Bellefeuille
The news broke this week that the Heartbleed Bug had attacked an undetermined amount of websites and their users worldwide. At this time it would seem that a large number of people are affected, however, the magnitude of this Bug may not be made clear for some time. Last year, the Adobe breach  numbers grew drastically as time moved forward. So what is the Heartbleed Bug? The researchers who uncovered the problem describe the Bug as a serious flaw within OpenSSL. “The Heartbleed Bug is a seri [read] Keywords: applications bug email instant messaging password security xml
73


Are You Only a Hacktivists Away from Chaos?
Wed, Apr 2nd 2014 2:11p   Liana Lichtenwalner
Data security is a hot topic right now with Target, Michaels, and other large companies reporting data breaches. After all the time, money, and publicity from the breaches, I am sure they wish they could turn back time and deploy a stronger authentication to guard against the black market hacktivists that caused the chaos. In Cameron Shilling’s article “Is Your Business a Data Breach Away from Disaster?,” Shilling states, “data security breaches are not just perpetrated by Internet hac [read] Keywords: security
58


Ransomed Beauty: Is Your Identity Being Held for Ransom?
Thu, Mar 27th 2014 4:11p   Liana Lichtenwalner
As a woman, I know all too well how much time and money we spend on beauty supplies. Whether buying the “next best thing” in the cosmetic department or trying the newest home remedy from your favorite blog, it all requires you to spend some cash or use a credit/debit card. But how much are you willing to pay: ten, twenty, fifty dollars? What about your identity? With the growing number of businesses reporting breaches in their databases, it is no surprise that Sally Beauty became a target to [read] Keywords: network
137


Two More Colleges Exposed: Indiana University and North Dakota University
Fri, Mar 7th 2014 2:12p   Rob Bellefeuille
There seems to be a rise lately in the number of campuses that are being subject to data breaches. Today it was brought to light that North Dakota University’s database was compromised exposing around 300K current and former student’s information along with some of their staff as well. Last week, Indiana University informed nearly 146,000 recent graduates and students that their seven-campus data system had accidentally exposed. This news comes on the heels of the recent University of Maryla [read] Keywords: applications database network password security server
163


Price vs Cost: One Man’s Opinion
Mon, Mar 3rd 2014 3:14p   Rob Bellefeuille
With the economic state of the country, you always hear folks talking about the price of an item or how much it cost them. Being in the security industry and a home owner, I can identify with the struggles that come with sticking to a budget and finding a solution. However, with security it can truly be a gamble that all too often plays out in a negative way. One comparison we threw around a lot here in the office is a home security system. You constantly see on the news or hear from others sto [read] Keywords: office security xml
166


Hackstorm
Wed, Feb 26th 2014 10:15a   Liana Lichtenwalner
Hailstorms are a threatening phenomenon that can sometimes turn fatal. Hailstones can range from a ¼ of an inch to 7 inches in size, causing severe damage to anything in their path. Attacking hackers, in many ways, are like hailstorms when there is a breach in security, leaving extensive damage. Lately, Cyber security has been on the minds of many people, and with many security breaches at major companies placing personal data at risk, it is no wonder. A recent study done by the Ponemon Insti [read] Keywords: application integration network security




177


Data Breach on Campus: Over 300,000 Exposed at University of Maryland
Fri, Feb 21st 2014 12:14p   Rob Bellefeuille
This week the University of Maryland came forth with an announcement that their campus data base had been breached, exposing sensitive information for over 300,000 students and faculty.  The data breach comes on the heels of many other similar data breaches at retailers across the US including Target, Neaman Marcus, and Michaels Craft Stores. According to a letter from University of Maryland President, Wallace D. Loh on February 19, 2014; “A specific database of records maintained by our IT D [read] Keywords: database password security xml
129


Government Surveillance, Time to Reform?
Mon, Feb 17th 2014 11:11a   Chief Content Writer
There has been a recent push back against the government claiming that they are impeding on the privacy rights of users. Eight companies, including AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter, and Yahoo, co-authored a letter to President Obama stating their concerns. In this letter, the major companies broached the issue of the global interference with users’ internet accounts and discussed the fact that governments do indeed need to protect their citizens but not at the cost of [read] Keywords: apple facebook google linkedin microsoft security twitter wiki xml
160


To E-File or Not to E-File
Mon, Feb 10th 2014 1:11p   Liana Lichtenwalner
While Shakespeare is better known as an excellent playwright, vivacious actor, and sublime constructor of the English language, he also has a not-so-well-known, historical record for tax evasion, hoarding, and the selling of grain at atrocious prices during years of famine. Although we are not here to discuss the moral ethics of Shakespeare, we should ask ourselves “to e-file or not to e-file.”  As the season for filing your taxes approaches and with many already waiting for their returns, [read] Keywords: policies application network password security wireless xml
168


Bugged- A Glitch in Google Voice Recognition
Fri, Jan 31st 2014 9:11a   Liana Lichtenwalner
Bugged and tapped conversations have been used throughout history by all kinds of people from allies to enemies, heroes to villains, and detectives to outlaws. History would tell quite a different story if bugged conversations did not exist, but what about your own conversations? Could your computer microphone be the bug in your home or office? Unauthorized sites could be using a glitch in Google Chrome’s voice command to record your private conversations right from your own computer, compromi [read] Keywords: bug desktop google office security




Created and Maintained by Yancy Lent - About - Blog Submission - Suggestions - Change Log - Blog Widget - Advertising - Mobile Edition