Looking through public password dumps is weird. Like, I'm pretty sure I know the password that the CEO of a >$1billion corporation uses for everything. Not touching it with a 10 foot pole because it's none of my business, but...
Show this thread
-
Well I see multinationals at uni presenting theirselves with company laptops which are quite ok secured. What worries me more is the BYOD movement without proper patching. For smaller firms it could be as worse as writing passwords in sticky notes which are viewable from outside
I've seen admin panels and infrastructure dashboards behind HTTP Basic auth out open on the internet, on HTTP, no encryption.
-
-
Security costs money is the most heard excuse.
-
A general culture of not giving a shit is the real answer 90% of the time. Security is pretty much free these days, you just have to *care*.
- Show replies
New conversation -
-
-
Why don't you inform the CEO under responsible disclosure agreement?
-
Like I'm going to risk that. As I said, I'm not touching it with a 10 foot pole. It's the company's security staff's responsibility to peruse lists like this (and I'm sure they don't, and that's their problem).
- Show replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.