Kenn White says OpenSSL Being Rewritten

At last weeks Showmecon Kenn White spoke about the project he is auditing OpenSSL. the following is from the webpage https://opencryptoaudit.org/people   When I first walked in to listen to his speech at the show, I was not paying attention, as the topic seemed to be about how some basic hacks were occuring. Including the ones … Continue reading “Kenn White says OpenSSL Being Rewritten”

New Cisco Annual Security Report is Out

It is good to review this Annual report: http://www.cisco.com/web/offers/pdfs/cisco-asr-2015.pdf   (may have to fill out some information to get it)   key discoveries: 1) 1% of all high urgency CVE (Common vulnerabilities and Exposure) were actively exploited. This means organizations must prioritize and patch high urgency vulnerabilities. 2) Since Blackhole exploit kit in 2013, it … Continue reading “New Cisco Annual Security Report is Out”

Studying Data Breaches as a whole

IBM has an infographic and a report: http://www-935.ibm.com/services/us/en/security/infographic/cybersecurityindex.html http://www-935.ibm.com/services/us/en/it-services/security-services/cost-of-data-breach/ (we make a point to show you the whole link, so you know exactly where you are going) The image above is a snippet from the infographic  IBM has gathered this information from the Ponemon Institute research report (you can download these reports if you register … Continue reading “Studying Data Breaches as a whole”

2014 Review^2 – squared

I.e. 2014 review of the reviews: Start with a good one Securosis https://securosis.com/blog/summary-thats-a-wrap ” First, the news. This was the year of Target and Sony. Symantec finally breaking up. All sorts of wacky M&A. The year family members checked in for the first time in decades, after reading my quotes in articles with “celebrity nudes” in the … Continue reading “2014 Review^2 – squared”