Surviving the Week 11/9/12, NBC and Coca Cola hacked this week

A Couple of Major Hacks This Week – NBC and Coca Cola

A number of NBC sites were hacked this week. There is no official word on which attacks were used. Test your application with NTOSpider to find possible vulnerabilities and avoid downtime:
NBC Hack – http://www.theverge.com/2012/11/4/3598998/nbc-snl-hacked
Coca Cola Hack – http://www.networkworld.com/community/node/81739

Barnes & Noble Customers File Lawsuits After Breach

Another instance of lawsuits after a hacking incident. Victims of a PIN pad tampering incident, which compromised customer information at dozens of Barnes & Noble stores, have filed three class-action lawsuits against the nation’s largest book retailer.
http://www.scmagazine.com/barnes-noble-customers-file-lawsuits-after-breach/article/267227/

Experts Find DOM XSS Flaw in “+1” Button of Google Plus

Security researchers from Minded Security have identified a DOM-based cross-site scripting (XSS) vulnerability in the +1 button of the Google Plus social network. Test your application with NTOSpider to find possible security vulnerabilities.
http://news.softpedia.com/news/Experts-Find-DOM-XSS-Flaw-in-1-Button-of-Google-Plus-Video-304533.shtml

Singaporeans Get Hard Token Baked Into Credit Card

Standard Chartered Bank’s local outfit teamed with MasterCard to offer account-holders a credit card that is also a one-time-password-generating hard token. MasterCard calls the device a ‘Display Card’ and says it includes “an embedded LCD display and touch-sensitive buttons”.
http://www.theregister.co.uk/2012/11/08/hard_token_in_credit_card/

About Dan Kuykendall

Dan Kuykendall is the CTO and Co-CEO at NT OBJECTives. Dan is a founder of NT OBJECTives and has been with the company for more than 10 years. He is responsible for the strategic direction and development of products and services and works closely with technology partners to make sure integrations are both deep and valuable. As a result of Dan’s dedication to security, technology innovation and software development, NTO application security scanning software is often recognized as the most accurate because of its sophisticated automation techniques. Dan joined NT OBJECTives from Foundstone, where he was responsible for the portal interface to the company’s flagship product, FoundScan. Prior to Foundstone, Dan was the founder of the Information Security team in the United States branches of Fortis. Dan is a regular blogger on web application security issues on ManVsWebApp.com and co-hosts An Information Security Place Podcast. He has presented on the topics of mobile and application security at many of the top security industry conferences such as ISSA (2011), B-Sides (2012-2013), OWASP AppSecUSA (2012), HouSecCon (2010-2012), ToorCon (2013) and THOTCON (2013). Dan has been involved with Web Application Security Consortium and is a regular contributor to many open source development projects including founding the RPM Builder, phpGroupWare and podPress projects.
