Federal Websites Still Lack Basic Security

This is yet another Federal example of “Do as I say…not as I do.”  There is no excuse for the Federal government not following and meeting or exceeding the standards it sets for websites and website security.

https://www.infosecurity-magazine.com/news/federal-websites-still-lack-basic/

Advertisements

Website Down? New FairWare Ransomware Could Be Responsible

This is not the first ransomware attack against web servers and I doubt it will be the last.  Please take the security of your web perimeter seriously and have the appropriate recovery mechanisms in place.

http://www.tripwire.com/state-of-security/latest-security-news/website-down-new-fairware-ransomware-could-be-responsible/

Cross-site scripting enabled on 1000 major sites – including financial sites

Here is a warm and fuzzy post to begin your Wednesday morning.  I admit that this is a little scary, but somewhat expected.  So many sites want to take the easy way out and allow integration at the sacrifice of security.  There are good, reliable ways to have both if these organizations would only take the time to do it right.

https://thestack.com/security/2016/02/23/cross-site-scripting-enabled-on-1000-major-sites-including-financial-sites/