Internet Storm Center says Heartbleed around the net is slowly being patched. How do they know that? Well, in case you are not a programmatic person… One can easily scan the Internet to find out what is going on, and that is exactly what the bad guys are doing all the time. They know when … Read more
At last weeks Showmecon Kenn White spoke about the project he is auditing OpenSSL. the following is from the webpage https://opencryptoaudit.org/people When I first walked in to listen to his speech at the show, I was not paying attention, as the topic seemed to be about how some basic hacks were occuring. Including the ones … Read more
It is good to review this Annual report: http://www.cisco.com/web/offers/pdfs/cisco-asr-2015.pdf (may have to fill out some information to get it) key discoveries: 1) 1% of all high urgency CVE (Common vulnerabilities and Exposure) were actively exploited. This means organizations must prioritize and patch high urgency vulnerabilities. 2) Since Blackhole exploit kit in 2013, it … Read more
IBM has an infographic and a report: http://www-935.ibm.com/services/us/en/security/infographic/cybersecurityindex.html http://www-935.ibm.com/services/us/en/it-services/security-services/cost-of-data-breach/ (we make a point to show you the whole link, so you know exactly where you are going) The image above is a snippet from the infographic IBM has gathered this information from the Ponemon Institute research report (you can download these reports if you register … Read more
I.e. 2014 review of the reviews: Start with a good one Securosis https://securosis.com/blog/summary-thats-a-wrap ” First, the news. This was the year of Target and Sony. Symantec finally breaking up. All sorts of wacky M&A. The year family members checked in for the first time in decades, after reading my quotes in articles with “celebrity nudes” in the … Read more
