Discount Offers

Personal Self Defence Spray UK's No1 Spray Legal Pepper Spray Clone UK Sale Only

£22.99
End Date: Thursday Oct-19-2017 10:46:38 BST
Buy It Now for only: £22.99
Buy It Now | Add to watch list

Security bouncer door supervisor bomber jacket coat Medium

£51.83
End Date: Thursday Sep-21-2017 17:06:16 BST
Buy It Now for only: £51.83
Buy It Now | Add to watch list

SIA Licensed Security Tie Pin Badge K4S® Exclusive Design

£5.75
End Date: Thursday Oct-12-2017 20:04:15 BST
Buy It Now for only: £5.75
Buy It Now | Add to watch list

Black Full Leather Army Combat Patrol Boots Tactical Cadet Military Security

£43.19
End Date: Saturday Sep-30-2017 13:57:35 BST
Buy It Now for only: £43.19
Buy It Now | Add to watch list
0024351
Visit Today : 1
Visit Yesterday : 1
This Month : 19
This Year : 262
Total Visit : 24351
Hits Today : 7876
Total Hits : 3087001
Who's Online : 1

products

Equifax mega-breach: Security bod flags header config conflict

Further evidence has emerged regarding the insecurity of Equifax s web setup, as independent security researcher Scott Helme reports having uncovered all manner of problems with Equifax s security header configuration1. The finding from Helme comes as a date was confirmed for the Equifax CEO to appear before Congress earlier next month, and the FTC said it was investigating the credit reference agency.

Equifax Mega-breach: Security Bod Flags Header Config Conflict

Equifax s security header configuration

Many of the headers are more about addressing the basics, but as a site that serves over HTTPS they should really have features like HSTS and CSP enabled to offer their visitors a higher level of protection, Helme told El Reg.

The current misconfiguration that is present on the site with duplicated headers and conflicting values just raises questions about why the basics aren t being done properly. Earlier this week, Equifax admitted2 that hackers exploited an Apache Struts vulnerability (CVE-2017-5638) to break into its systems . The flaw had been patchable since March 7 but Equifax had failed to patch promptly . The intrusion but was only detected more than two months later.

The breach3 which began in mid-May, was discovered in late July, but was disclosed only last week affected 143 million US consumers and an as-yet undisclosed number of Brits and Canadians.

Criminals gained access to names, social security numbers, birth dates, addresses and, in some instances, driver’s license numbers of millions of Americans as well as the credit card numbers of 209,000 US consumers . The whole sorry mess raises a number of important questions. Three top Equifax executives, including its chief financial officer, sold a combined $1.8m worth of stock in the consumer credit reporting agency after the breach was detected but before it was made public .

Equifax said4 that the executives had had no knowledge that an intrusion had occurred at the time they sold their shares. US data privacy watchdogs at the Federal Trade Commission have taken the unusual step of confirming5 they had launched an investigation into the Equifax breach. Equifax chief exec Richard Smith has been called6 to testify before congressional lawmakers at the beginning of October .

Smith is due to appear before the House Energy and Commerce Committee on October 3.

Bootnote

Another security researcher reported7 that he d begun receiving spam emails at a single-use email address he d used uniquely to register with Equifax years earlier, but we ve not seen widespread evidence that data has escaped into the wild yet.

If you have any info you d like to share, drop us a line

Sex offender headbutts dock, hurls abuse at sheriff and brawls with security in Dundee court

A sex offender headbutted the dock, branded a sheriff a specky **** then brawled with court security officers when he was told he was going to prison. Kyle Leonard, 20, had been handed a community-based sentence at Dundee Sheriff Court after he admitted having sex with three underage girls but was arrested and hauled back to court last November facing further charges. Those charges ended up being dropped but he was locked up for breaching his earlier orders.

When Sheriff George Way then told him he was being remanded in custody to await further proceedings, Leonard flipped. Leonard appeared back in the same dock where he had lashed out at the lawman facing a threatening and abusive behaviour charge the second time he has been convicted of abusing a sheriff in identical circumstances. Fiscal depute Joanne Smith told the court: Sheriff Way decided to remand him in custody and the accused was clearly unhappy and began to shout and swear.

He shouted at the sheriff: Are you ******* joking you specky **** This is a ******* joke I m going to lose everything .

He was handcuffed to a G4S officer and was making his way to the stairs shouting: I don t ******* believe this .

Without warning he punched and headbutted the glass surrounding the dock.

Another G4S officer attended to assist and he was put to the ground to try to subdue him . Eventually he was restrained and taken to the cells.

Witnesses including the sheriff were shocked and alarmed at his actions. Leonard, a prisoner at Polmont, pleaded guilty on summary complaint to a charge of behaving in a threatening or abusive manner at Dundee Sheriff Court on November 23 last year.

Defence solicitor Douglas McConnell said Leonard is due to be released from jail on his earlier sentence later this month. He said: He has a tendency to lash out and he s been working on that whilst in custody. Sheriff Derek Reekie deferred sentence for three months for Leonard to be of good behaviour on his release from custody.

Leonard was last year convicted of hurling abuse at Sheriff Elizabeth Munro during a court appearance.

Security van sent to protect home crashes into garage after the handbrake was left off

A security firm worker was called out to help protect a home.. . but his van ended up rolling down a neighbour s drive and crashing into a garage and gas pipes. The man, from ADT Fire and Security, had been sent to Layton Close, Offerton, at around 9pm on Monday when it’s believed a burglar alarm went off. But his van rolled down the slope and knocked down the front of a garage also damaging gas pipes.

Joe Graham, who the garage belonged to, was left shocked when his quiet night in front of the TV was interrupted by a loud explosion .

Joe Graham was sitting watching TV when he heard someone smash into his garage

Read More

The 34-year-old, whose birthday it was the following day, said: I heard an explosion and thought the boiler had blown up.

I came outside and saw an ADT van and a man saying, I have crashed into your garage do you want to have a look? .

It was hard to process but if it had ripped the gas pipes rather than bent them it could have been a lot worse . I ve not been able to go to work today. Gas workers were called and, with assistance from crews from Offerton Fire Station, isolated the supply to Joe s house. Joe, who works for pensions firm Royal London and lives with his girlfriend, was not injured in the incident.

Luckily nobody was hurt, despite the van damaging gas pipes outside the house

Read More

Firefighters were at the scene for just over an hour after being called by the gas company. Steve Johnstone, watch manager at Offerton station, said: We have had a couple of incidents like this you would be surprised how many people crash into buildings.

The main thing was that no one was hurt and there was no gas explosion . They were a bit shaken and shocked but philosophical about it.

In a statement, ADT Fire and Security, based in Manchester, said: We are aware of this incident . Our Engineer followed our health and safety reporting procedure and notified us, and the police, at the time.

“We take the Health, Safety and Welfare of our employees and the public very seriously and also work hard to ensure that any works are carried out with no damage to property.

“We are grateful that there were no serious injuries as a result of this incident and we are investigating fully the circumstances surrounding it . We apologise for any inconvenience and damage caused.

Earlier in the evening the same crew had been called to an abandoned Renault Scenic that was deliberately set alight on Peter Street, in Hazel Grove1 .

References

  1. ^ Hazel Grove (www.manchestereveningnews.co.uk)