Wednesday, October 15, 2014

Someone Might Be Spying On Your WebEx Meetings

Cisco has sent a warning to its customers to protect their WebEx meetings after Brian Krebs from KrebsOnSecurity found that almost 50 big players left their online meetings vulnerable and open for all.

Krebs said that he found several organizations did not password protect their WebEx meetings, thus allowing anyone to join and get information about their internal planning. The schedule of these meetings was available through the WebEx Event Center. WebEx is an online conferencing system from Cisco.

These issues were present with audio and video based meetings as well. There are options for companies to password protect their sessions, but many companies do not follow the best practices for online meetings, and thus allow any malicious entity to join the daily conferences and gather details regarding management related topics.

Read more here.

Tuesday, October 14, 2014

Dropbox: We weren’t hacked!

NEW YORK (CNNMoney) — A group of anonymous hackers claims to have stolen nearly 7 million Dropbox username and password combinations. But Dropbox denied that it was hacked.
The hackers have posted several hundred email addresses and passwords so far on Pastebin.com, releasing more logins as they receive more bitcoin donations.
“Your stuff is safe,” Dropbox said in a blog post. “The usernames and passwords … were stolen from unrelated services, not Dropbox.”
It’s not clear which service or services the passwords were stolen from. Some third-party apps allow people to manage their Dropbox files, but a Dropbox spokesman wouldn’t name any potential culprit.
It’s possible that some people used the same login information for Dropbox that they used for the third-party app.

Read more here.