Time Inc. confirms Myspace has been hacked

Time Inc. only got the keys to Myspace.com a few months ago, but it’s already having to confirm some bad news: the social network has been the target of a hack. In a press release, the company says that just before the Memorial Day weekend (or Spring Bank Holiday in the UK), its technical teams were notified of someone trying to sell Myspace usernames, passwords and email addresses that were registered before June 2013.


Time Inc. doesn’t say how many accounts are affected, but a blog post on LeakedSource suggests that 360 million records may have been stolen in the breach.


Myspace is already in the process of alerting those affected and is working with the authorities to identify who may be responsible. Given that the person (or people) involved shared an alias with LeakedSource, investigators will have at least something to go on.


Read the full article here.

OWASP set to address API security risks

OWASP has started a new project and is set to publish a new guide on security risks. The issue they aim to tackle this time is API security. The new OWASP API Security Project has been introduced at the recently concluded NolaCon, by project leader David Shaw and colleague Leif Dreizler.


Read the full article here.

Wapiti – Web Application Vulnerability Scanner v2.3.0

Wapiti is a web application vulnerability scanner, it allows you to audit the security of your web applications. It performs “black-box” scans, i.e. it does not study the source code of the application but will scans the web pages of the deployed web application, looking for scripts and forms where it can inject data.

Read more here.

Google Malaysia service disrupted by hackers

Internet users were denied access to Google Inc’s Malaysia website on Tuesday, and were redirected to a hacked page saying "Google Malaysia Hacked by Tiger-Mate #Bangladeshi Hacker". The company has reached out to the organisation that manages the domain name to resolve the issue, MYNIC, a Google Malaysia spokesperson said in a statement to Reuters.

Read more here.