Vodafone Customer Database Breached
How the heck do they get away with having retrievable credit card details in their db? Once the CC# is in the database it shouldn't be retrievable.
How many places out there don't actually follow this simple rule?
Where I work we were worried that the banks may turn off our credit card processing facilities if we don't get PCI compliant. And that is maybe 1/40 of the customer base.
I am really puzzled - how does Vodafone get away with this in the first place? No audits?
Robotic Hands Grip Without Fingers
That's what they invented Dvorak for....
Are you working right now?
Not sure if that was just supposed to be funny, but slashdot only has its highest traffic rating in Bangladesh. Click on the Audience tab to find that 44.4% of all visitors are from the US.Bangladesh only brings in 1.1% of all visitors.
HP's Free Adobe Flash Vulnerability Scanner
Interesting. That file is gone and so is Google's cached version. Just how much info was in that PDF?!
Building an Effective Information Security Policy Architecture
Easy solution. Work at a company and ... have a backup of their security policy ready. Think of it as a template.
When you leave that company do a replace on the company name and make it the official policy of the new company.
In case you get an audit match the auditors requirements with your security policy and enhance it where it lacks using the format of the template you brought along.
During the time of the audit have signs up in the office, revoke the CEO's and any other big shots/pain in the ass user's special privileges like having no password complexity, automatic timeout, etc.
When the auditors leave relax and congratulate yourself on how you played your part in the whole accreditation/compliance/certification placebo crap.
On the other hand if you really dislike a user point out a random clause in the policy and have them fired for violating it.