Google Stored G Suite Passwords in Plaintext Since 2005

Threatpost

Google said it had stored G Suite enterprise users' passwords in plain text since 2005 marking a giant security faux pas. Cloud Security G Suite Gmail google google cloud google security Password password store plain text

Google Has Stored Some Passwords in Plaintext Since 2005

WIRED Threat Level

On the heels of embarrassing disclosures from Facebook and Twitter, Google reveals its own password bugs—one of which lasted 14 years. Security Security / Security News

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The Intranet Imperative (2005)

ChiefTech

I wrote this in June 2005. The history of intranets is one of a slow burn of adoption (or innovation, if you like). But the pace of technology change is increasing , email is being challenged. is it time now to dust off the intranet imperative and think about about where we go next? What exactly is an intranet? The nature of intranets is changing.

Vancouver property tax records to 2005 now available at the Archives

Archives Blogs

We are pleased to announce that after a significant transfer of records from the Revenue Services Department, the Archives can now make available property tax records up to 2005.

This is the old ChiefTech blog.: Now blogging on the E2EF blog

ChiefTech

Thursday, 14 February 2008 Now blogging on the E2EF blog It feels a little odd - having been blogging here on my own since 2005 - but I just made my first post to the Enterprise 2.0 This is the old ChiefTech blog. Nice of you to drop in and visit. However, you need to come over and see my new blog at chieftech.com.au. ©2005-2009. ©2005-2009. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion.

FFIEC Final Authentication Guidance

Data Breach Today

The Final FFIEC Guidance has been issued and its main intent is to reinforce the 2005 Guidance's risk management framework and update the Agencies' expectations regarding customer authentication, layered security, or other controls in the increasingly hostile online environment

What Financial Institutions Should Know About the Capital One Data Breach

Rippleshot

The sheer scope of this incident shows how the fallout from this breach could be unknown for years: “Consumers and small businesses who applied for Capital One credit cards from 2005 through early 2019 are most at risk,” the company revealed.

Risk 52

Google Glitch Left Passwords Unprotected for 14 Years

Adam Levin

Google announced a glitch that stored unencrypted passwords belonging to several business customers, a situation that had been exploitable since 2005.

Real-Time Attacks Against Two-Factor Authentication

Schneier on Security

I wrote about this exact attack in 2005 and 2009.

'It can't be true.' Inside the chip industry's meltdown

Information Management Resources

Researchers began writing about the potential for security weaknesses at the heart of central processing units, or CPUs, at least as early as 2005. Hardware and software Data security Cyber security Intel

IT 28

Archivists and Records Managers, part 8

The Schedule

In 2005, two people working in Records and Archives at the World Health Organisation — Ineke Deserno and Donna Kynaston — had this to say about the intersection of records management and archival work: “A records management program is indispensable for an archives program. ” [from “A Records Management Program that Works for Archives,” Information Management Journal (May/June 2005): 60-62].

Popular Webkinz World online children’s game hacked, 23M credentials leaked

Security Affairs

” Webkinz were originally released by the Canadian toy company Ganz on April 29, 2005. ZDNet reported that a hacker has leaked 23 million credentials from the Webkinz World online children’s game.

NEW TECH: Exabeam positions SIEM technology to help protect IoT, OT systems

The Last Watchdog

Security information and event management systems — SIEMs — have been around since 2005, but their time may have come at last.

IoT 158

Cuts to skilled immigration degrade a U.S. strength

Information Management Resources

Between 1995 and 2005, immigrants started more than half of the new businesses in Silicon Valley. As of 2011, more than 40 percent of Fortune 500 companies were started by immigrants or their children. H-1B visas Hardware and software Data science

Capital One Data Theft Impacts 106M People

Krebs on Security

“The largest category of information accessed was information on consumers and small businesses as of the time they applied for one of our credit card products from 2005 through early 2019,” the statement continues.

Cloud 245

Innovator of the Month: Laurent Boyadjian

Box

In the French town of Cognac sits the head office of Rémy Martin, subsidiary of Rémy Cointreau Group, where cloud domain manager Laurent Boyadjian has been working to transform the way this legendary luxury brand works since 2005.

Cloud 23

10KBLAZE exploits could affect 9 out of 10 SAP installs of more than 50k customers

Security Affairs

The good news is that most recent versions of SAP software are configured by default to drop unauthorized connections, Since 2005, SAP is providing instructions on how to configure an ACL for the Message Server.

Access 104

BEST PRACTICES: Why pursuing sound ‘data governance’ can be a cybersecurity multiplier

The Last Watchdog

The accused hacker stole personal data for 106 bank patrons, including customer data from credit card applications dating back to 2005. Deploying the latest, greatest detection technology to deter stealthy network intruders will take companies only so far.

New French Data Protection Act and Implementing Decree Take Force

Hunton Privacy

The adaption of French law to the new EU data protection framework was conducted in various stages: The French Data Protection Act of January 6, 1978, was first amended by a law dated June 20, 2018, while its implementing Decree of October 20, 2005, was amended by a Decree of August 1, 2018. On June 1, 2019, New Decree No. 2019-536 (the “Implementing Decree”) took force, enabling the French Data Protection Act, as amended by an Ordinance of December 12, 2018, likewise to enter into force.

GDPR 67

XKCD forum data breach impacted 562,000 subscribers

Security Affairs

XKCD is one of the most popular webcomic platform created by the American author Randall Munroe in 2005, it is a webcomic of romance, sarcasm, math, and language.

Handling Multiple Action Filters in Tableau

Perficient Data & Analytics

Action filters are new type of dashboard action that allows the user to dynamically control which dimension members are included in a set. It allows higher level of visualization interactivity. By selecting a specific category, the dashboard will be filtered to highlight that category.

A Head Scratcher - Solving the Productivity Riddle

AIIM

But after 2005, these effects vanish from the measured statistics. Total productivity growth has fallen by two-thirds since 2005, while real GDP growth has averaged about 2 percent per year—all during a period in which the digital economy has continued to grow.”.

Revoked NARA Bulletins

National Archives Records Express

December 23, 2005. Over the past several months, we have undertaken a review of NARA bulletins to determine if any require revisions or should be revoked. NARA Bulletin 2019-01 notifies agencies that the following bulletins are no longer needed or do not reflect current policy: Bulletin Number and Title. Date Issued. 2006-03 : Availability of the Federal Enterprise Architecture Records Management Profile, version 1.0.

Subway Elevators and Movie-Plot Threats

Schneier on Security

In 2005, I coined the term "movie-plot threat" to denote a threat scenario that caused undue fear solely because of its specificity. Local residents are opposing adding an elevator to a subway station because terrorists might use it to detonate a bomb. No, really.

IT 73

MY TAKE: How digital technology and the rising gig economy are exacerbating third-party risks

The Last Watchdog

Allen is a widely respected thought leader on this topic, having launched Shared Assessments in 2005 as an intel-sharing and training consortium focused on third-party risks. Accounting for third-party risks is now mandated by regulations — with teeth.

Risk 180

Hackers targeting Drupal vulnerabilities to install the Shellbot Backdoor

Security Affairs

Experts pointed out that the Shellbot code first appeared in 2005 and is being used by several threat groups, it was also used in the massive crypto-mining campaign that was exploiting the CVE-2017-5638 Apache Struts vulnerability (CVE-2017-5638) in March 2017. “

Mining 112

This is the old ChiefTech blog.: The "E" has it

ChiefTech

This is the old ChiefTech blog. Nice of you to drop in and visit. However, you need to come over and see my new blog at chieftech.com.au. ©2005-2009. ©2005-2009. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion.

Capital One data breach: hacker accessed details of 106M customers before its arrest

Security Affairs

The security breach data breach took place on March 22nd and 23rd, the hacker accessed information of customers who had applied for a credit card between 2005 and 2019. Capital One, one of the largest U.S.

NEW TECH: Exabeam retools SIEMs; applies credit card fraud detection tactics to network logs

The Last Watchdog

The earliest SIEMs cropped up around 2005 or so. Security information and event management, or SIEM, could yet turn out to be the cornerstone technology for securing enterprise networks as digital transformation unfolds. Related: How NSA cyber weapon could be used for a $200 billion ransomware caper. Exabeam is a bold upstart in the SIEM space.

MY TAKE: PKI, digital certificates now ready to take on the task of securing digital transformation

The Last Watchdog

The CA/Browser Forum , an industry standards body founded in 2005, accelerated initiatives to drive better practices and guidelines. Just five years ago, the Public Key Infrastructure, or PKI , was seriously fraying at the edges and appeared to be tilting toward obsolescence. Things have since taken a turn for the better. Related: Why PKI is well-suited to secure the Internet of Things PKI is the authentication and encryption framework on which the Internet is built.

Scaring People into Supporting Backdoors

Schneier on Security

This is me from 2005: Beware the Four Horsemen of the Information Apocalypse: terrorists, drug dealers, kidnappers, and child pornographers. Back in 1998, Tim May warned us of the "Four Horsemen of the Infocalypse": "terrorists, pedophiles, drug dealers, and money launderers."

Maybe Skip SHA-3

Imperial Violet

In 2005 and 2006, a series of significant results were published against SHA-1 [ 1 ][ 2 ][ 3 ]. But the competition itself proved that we do know how to build hash functions: the series of results in 2005 didn't extend to SHA-2 and the SHA-3 process produced a number of hash functions, all of which are secure as far as we can tell. These repeated break-throughs caused something of a crisis of faith as cryptographers questioned whether we knew how to build hash functions at all.

IT 108

This is the old ChiefTech blog.: CSC and the 2007 'Sydney to the Gong' bike ride

ChiefTech

This is the old ChiefTech blog. Nice of you to drop in and visit. However, you need to come over and see my new blog at chieftech.com.au. ©2005-2009. ©2005-2009. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion.

250 Million Microsoft customer support records and PII exposed online

Security Affairs

The unprotected archive was containing support requests submitted to the tech giant from 2005 to December 2019. An expert discovered that over 250 million Microsoft customer support records might have been exposed along with some personally identifiable information.

Critical bug in WINRAR affects all versions released in the last 19 years

Security Affairs

The worst aspect of the story is that WinRAR development team had lost the source code of the UNACEV2.dll library in 2005. Security experts at Check Point have disclosed technical details of a critical vulnerability in the popular file compression software WinRAR.

Preservica congratulates 2019 Emmett Leahy Award winner

Preservica

Past winners have included preeminent thought-leaders, educators and practitioners including Trudy Peterson (2018), Richard Marciano (2017), David Giaretta (2012), Charles Dollar (2005), Luciana Duranti (2006), and digital preservation pioneer and author Adrian Brown (2016), to name just a few. (A

G Suite users’ passwords stored in plain-text for more than 14 years

Security Affairs

“We made an error when implementing this functionality back in 2005: The admin console stored a copy of the unhashed password. Google accidentally stored the passwords of its G Suite users in plain-text for 14 years allowing its employees to access them.

Malware spam campaign exploits WinRAR flaw to deliver Backdoor

Security Affairs

The worst aspect of the story is that WinRAR development team had lost the source code of the UNACEV2.dll library in 2005. Experts discovered a malspam campaign that is distributing a malicious RAR archive that could exploit the WinRAR flaw to install deliver malware on a computer.

This is the old ChiefTech blog.: Second Life: The Demo

ChiefTech

This is the old ChiefTech blog. Nice of you to drop in and visit. However, you need to come over and see my new blog at chieftech.com.au. ©2005-2009. ©2005-2009. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion.

Modern Assembler Programming for z/OS

Rocket Software

The first notable change to my personal development style occurred in 2005 with the adoption of assembler Structured Programming Macros (SPMs).

IT 52