Department of Homeland Security and GCHQ back Apple and Amazon’s denials they were hacked by China

The US Department of Homeland Security and UK’s GCHQ have rallied behind the vigorous denials issued by Amazon and Apple, after Bloomberg BusinessWeek reported China had planted malicious computer chips on systems used by the tech giants.

How to get away with hacking the Department of Homeland Security

But more and more organisations are actually welcoming attempts to test their security, in the hope that vulnerabilities will be reported to them responsibly before a malicious hacker exploits a weakness to inflict damage.

Read more in my article on the Tripwire State of Security blog.

CryptoBin down amid claims hacker posted details of 20,000 FBI employees

Sometimes things would be better if people didn’t keep their word.

Take hackers, for instance.

Read more in my article on the Tripwire State of Security blog.

9000+ Department of Homeland Security staff have their details leaked by hacker

It makes you want to weep, doesn’t it? What is the purpose of providing your staff with authentication tokens if they see no problem in sharing token codes with each other?

Read more in my article on the Hot for Security blog.

“Unless it is absolutely necessary to run Java in web browsers, disable it”, DHS-sponsored CERT team says

Can you really justify having Java installed on your main web browser any more? Even if you have installed the latest security patch?

It’s time to rip Java out of your browser for better security… unless you have a really good reason not to.