June 30, 2011
Niles Nerd

Sometimes Hacking is Just Too Easy

[this post is from Nerd Dennis Houseknecht]
High profile breaches do not necessarily result from sophisticated attacks. Many of them are the result of fairly simple social engineering or phishing attacks. These can usually be prevented by educating users and making them aware of these kinds of threats.
You would think that a major bank and credit card provider like Citigroup would have excellent security. After all, they have a lot at stake.
Recently, they lost MILLIONS of dollars as the result of a programming error that is in the OWASP top ten.
This is a well known vulnerability that is easily detected and fixed. A simple scan of the web application would literally have saved Citigroup millions. Go figure. Security is an investment, and sometimes a darned good one.
Many businesses invest in locks, security systems, and maybe even security guards. How much are they investing in protecting their valuable data?