First the latest SC magazine: http://www.scmagazine.com/anthem-brings-in-mandiant-to-investigate-resolve-breach/article/396749/ 1. Anthem did right in discussing and revealing the breach “early”, as most companies sit on the information and reveal after several months. 2. Did not encrypt data due to needing speed for various reasons (mining the data etc. Although it is questionable whether that would have hindered the … Read more
Remember This? My Blogpost from Dec 29, which is essentially a review of all hacks in 2015, when you tally everything up you get to 120 million records hacked and compiled potentially. Now we have David Krebs in his blog Krebsonsecurity¹ stating the disturbing trend of using the Darknet data in warranty fraud. Using … Read more
Carefirst Breach(1) May- 1.1 mil members Hackers gained access to names, birthdates email, and subscriber info, passwords Anthem – Premera Blue Cross(2) January – 80 mil patients – personal information taken (all) Harvard university and other universities (3) – 28 known education breaches totalling 1 million compromised records. likely all personal information – passwords etc. … Read more
We know a firewall protects the network By using Port or protocol filter lists (also known as Access Control Lists) a firewall does protect the network in a minimal manner. But doing IP header filtering is not enough today when there are so many attackers and they can change the port or IP addresses. … Read more
As Washington Post wrote a story about the old Lopht group visit to the Capitol Hill. http://www.washingtonpost.com/sf/business/2015/06/22/net-of-insecurity-part-3/ Do you remember the following historical events? True in 1871 Chicago had 330,000 residents. (from https://www.awesomestories.com/asset/view/CHICAGO-IN-1871-Great-Fire-of-1871 ) But this is what happened when many things happened simultaneously and overwhelmed the fire department response due to conditions(dry): The area of … Read more