"VTech apparently had almost nothing in the way of security on their web application…"
"This attacker hasn't shared the data, but there's no way of knowing whether other attackers may have already obtained the same data…"
"Cyber Grinches scalp Santa with an automated arsenal of software programs that snap up new toy releases faster than any parent's frantic fingers can click 'buy.'"
"Watch for telltale signs that a company isn't taking security seriously, such as not using Secure Sockets Layer/Transport Layer Security (SSL/TLS) while logging in or submitting sensitive information…"
Shuman Ghosemajumder talks with Jon Fortt on the hot topic of encryption on CNBC’s Squawk Alley.
"…in an interesting twist, consultants at Shape Security discovered that at least one Icoscript strain receives C&C updates from Gmail draft messages."
Shuman Ghosemajumder offers his perspectives on the practice of paying up when confronted with ransomware attacks.
"Shape Security offered an illustration of how its Botwall service alters the underlying HTML code of a Web page so that it is constantly changing…"
Shape’s Sumit Agarwal offers his perspectives on the role of integrated access management in recent breaches.
"By succinctly defining broad but actionable rules of the playground, Shape enables its employees to experiment freely without constantly checking in with supervisors."