[Owasp-leaders] apple hacked hope it brings more attention to application security for owasp
johanna.curiel at owasp.org
Mon Jul 22 08:56:46 UTC 2013
I know that awful feeling and I can just imagine how your are feeling.
Major companies are getting hacked and It's not only because they do not have the right security experts,
The cyber Mafia is getting better organized and are working harder to find zero vulnerabilities and exploit existing ones.
Also, from my experience, the security engineer is been ignored or there is a false sense of security that CEOs
of major companies have, and a lot of times they don't want to spend budget patching and securing.
A while ago , on the hacker news website, a writer mentioned that major companies such as Google
are not doing much with a reported bugs...until a hacker exploits the situation. There was a nice article in Wired magazine about one writer getting hacked from his apple account and everything was deleted...gone because he says, a system secured without using two factor authentication is already a big risk.
Many companies do not take serious the threats and this can be frustrating for security engineers trying to do their job.
In my country , this situation is ridiculous, but yes, they think hackers do not attack companies from small countries...let's see how long will the party last.
So we keep on alerting,but indeed sometimes I feel like Noe and the arc....
I think the problem is not only with security experts but CEOs need to become more conscious about the situation. They need to allocate better budgets and Plans to avoid been hacked.
On Jul 21, 2013, at 10:11 PM, Matthew Parsons <mparsons at parsonsisconsulting.com> wrote:
> I found out that the apple developer program was hacked. I am an apple developer and application security engineer and chapter lead at OWASP Dallas. I look forward to a healthy conversation about this. Check out my blog post.
> Matt Parsons, CISSP, MSM Vice President of Security Services
> mparsons at parsonsisconsulting.com
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders