Heartbleed – on the mend

Internet Storm Center says Heartbleed around the net is slowly being patched. How do they know that?  Well, in case you are not a programmatic person… One can easily scan the Internet to find out what is going on, and that is exactly what the bad guys are doing all the time. They know when … Continue reading “Heartbleed – on the mend”

Kenn White says OpenSSL Being Rewritten

At last week's Showmecon, Kenn White spoke about the project in which he is auditing OpenSSL. The following is from the webpage https://opencryptoaudit.org/people When I first walked in to listen to his speech at the show, I was not paying attention, as the topic seemed to be about how some basic hacks were occurring. Including the ones … Continue reading “Kenn White says OpenSSL Being Rewritten”

New Cisco Annual Security Report is Out

It is good to review this annual report: http://www.cisco.com/web/offers/pdfs/cisco-asr-2015.pdf (you may have to fill out some information to get it). Key discoveries: 1) 1% of all high-urgency CVEs (Common Vulnerabilities and Exposures) were actively exploited. This means organizations must prioritize and patch high-urgency vulnerabilities. 2) Since Blackhole exploit kit in 2013, it … Continue reading “New Cisco Annual Security Report is Out”

Studying Data Breaches as a whole

IBM has an infographic and a report: http://www-935.ibm.com/services/us/en/security/infographic/cybersecurityindex.html http://www-935.ibm.com/services/us/en/it-services/security-services/cost-of-data-breach/ (we make a point to show you the whole link, so you know exactly where you are going). The image above is a snippet from the infographic. IBM has gathered this information from the Ponemon Institute research report (you can download these reports if you register … Continue reading “Studying Data Breaches as a whole”

2014 Review^2 – squared

I.e. 2014 review of the reviews: Start with a good one, Securosis: https://securosis.com/blog/summary-thats-a-wrap “First, the news. This was the year of Target and Sony. Symantec finally breaking up. All sorts of wacky M&A. The year family members checked in for the first time in decades, after reading my quotes in articles with “celebrity nudes” in the … Continue reading “2014 Review^2 – squared”