07-03-2009 4:30 Apple Learning Interchange: Security Compromise  Filed under: Apple, Security Apple is warning that Learning Interchange account passwords have been compromised. Apple warns that members who commonly use the same credentials on multiple sites may be at risk. If you are an ALI account user, please consider updating any accounts that use identical credentials. Here is the Apple quote, which has been sent to us by a number of TUAW readers. We recently learned that the security of Apple Learning Interchange (ALI) members' names and passwords may have been compromised. These accounts are limited to accessing the ALI discussion board and do not contain sensitive information such as credit card or social security numbers.While ALI member names and passwords are not linked to your Apple ID, our records indicate that your ALI member name and Apple ID are the same. For this reason we strongly recommend that you change your Apple ID password as well as any others that might have the same name and password combination. At the time of posting, the ALI site (also linked to in the Source link) is unavailable. Apple Learning Interchange: Security Compromise originally appeared on The Unofficial Apple Weblog (TUAW) on Thu, 02 Jul 2009 21:30:00 EST. Please see our terms for use of feeds. Apple Learning Interchange: Security Compromise originally appeared on The Unofficial Apple Weblog (TUAW) on Thu, 02 Jul 2009 21:30:00 EST. Please see our terms for use of feeds.
Read | Permalink | Email this | Comments Mac OS X :: tuaw Povezani zapisi: 03-12-2010 0:05 A new version of Safari is out. Looks like for Mac and Windows. Plenty of security fixes (mostly for Windows Safari users http://support.apple.com/kb/HT4070), (Thu, Mar 11th) ISC 03-11-2010 15:29 ModSecurity Handbook shipping soon! It's been an adventurous journey, but we are nearing a major milestone: the official publication of our first book! We've just received a batch of ModSecurity Handbook paperbacks and we're enjoying them in all their glory. Two further batches are on their way to our warehouses (one in the US and one in the UK), from where they will be shipped to early adopters. (If you're one of the early adopters, you will soon get an email from us with more information.) Our work is nowhere near the end, however, because now we need to focus on reaching out to the book's audience and inform them that the book exists. If you haven't purchased the book yet, now would be a very good time: because the official publication date is the 15th, we'll be maintaining the pre-order discount for a little while longer. You only have about 4-5 days to take advantage of the 25% discount. Buy now! 03-11-2010 9:39 Vordel SOAPbox for analyzing Webservices Security Using SOAPbox, you can: Test Web services residing in your internal network, or provided from the Web, or in a cloud environment. SOAP-style and REST-style services and SOAP attachments are supported. Test Web services that require encrypted input. Test Web services (...) - Security Tools / Application Scanner, Connectivity, Configurations checks, SOAPbox security-database 03-10-2010 11:08 Sergey Bratus on Learning from Hackers I just saw Sergey Bratus’s talk at TROOPERS 10. He’s an interesting guy, and his talk was good. He’s a CS professor at Dartmouth, and he’s actually making an effort, on behalf of the academic community, to inject some genuine security clue into the education of CS students. He obviously has a tough topic to address, but he looks like he’s on the right track to me. One thing he pointed out is that a lot of vulnerabilities over the years have actually resulted from the accidental creation of Turing-complete systems. (He has a nice Cthulu slide making the point.) It struck me that one goal of “secure programming” would be the avoidance of the creation of Turing-complete systems. It’s a crazy world when it’s harder to avoid the creation of such a system than it is to actually create one. Anyway, Marsh and I are speaking in a couple of hours. If you’re here, come by and bring your rotten tomatoes! |
