One Article Review
| Source |  CSO |
|---|---|
| Identifiant | 1076717 |
| Date de publication | 2019-03-22 05:27:00 (vue: 2019-03-22 14:00:11) |
| Titre | IDG Contributor Network: Facebook stashing plain text passwords is a wake-up call to improve GRC |
| Texte | As details emerged of how Facebook captured hundreds of millions of plain text passwords and stored them on internal company servers, my entire IT career flashed before my eyes. While it is criminal that there is apparently no adult supervision or oversight on what developers at Facebook can do with a user's credentials when logging into their apps, they are certainly not alone in their handling of plain text passwords.During my time as CEO at VeriClouds (a provider of identity threat intelligence that uses analytics on top a data lake of more than 10 billion compromised credentials) I was in a meeting with an executive of Twitter when he admitted to using a competitor's service whereby his team received “dumps” of compromised credentials – yes ladies and gentlemen, in plain text. I can understand that being a normal and accepted practice a decade ago before the President of the United States started using his service. I am bewildered as to why any security officer worth his title would allow a practice to occur, let alone continue at a massive social media site such as Twitter. |
| Envoyé | Oui |
| Condensat | accepted admitted adult ago allow alone analytics any apparently apps are article before being bewildered billion call can captured career ceo certainly click company competitor compromised continue contributor credentials criminal data decade details developers during emerged entire executive eyes facebook flashed full gentlemen grc handling here his how hundreds identity idg improve intelligence internal ladies lake let logging massive media meeting millions more network: normal not occur officer oversight passwords plain please practice president provider read received security servers service site social started stashing states stored such supervision team text than them threat time title top twitter understand united user uses using vericlouds wake what when whereby why worth would “dumps” |
| Tags | Threat |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.